TSA to impose cybersecurity mandates on railroad and aviation industries

The Transportation Security Administration will impose new cybersecurity mandates on the railroad and airline industries, including reporting requirements as part of a department effort to force compliance in the wake of high-profile cyberattacks on critical industries, Homeland Security Secretary Alejandro Read More …

UK: Three flights diverted as Gatwick Airport air traffic control suffers IT issues

Three flights have been diverted from Gatwick Airport due to IT issues in the air traffic control tower. Two British Airways flights were diverted to Heathrow Airport while one easyJet flight was redirected to London Luton Airport, a spokesperson for Read More …

Examining Log4j Vulnerabilities in Connected Cars and Charging Stations

Since its disclosure on Dec. 9, a vast number of articles have been written on the remote code execution (RCE) vulnerability in the library Apache Log4j — a reflection of its impact. The library is used by innumerable programs to Read More …

Fulfilling Security Requirements for the Transportation Sector

Protecting our critical infrastructure against the threat of ransomware remains a top priority for both the private sector and the federal government. In fact, a recent survey from Tripwire found that security professionals in both sectors still identify ransomware as Read More …

After ransomware attack, global logistics firm Hellmann warns of scam calls and mail

German logistics giant Hellmann has warned its customers and partners to be on the lookout for fraudulent calls and mail after the company was hit with a ransomware attack two weeks ago. In an update about the cyberattack that initially Read More …

Suspected Iranian hackers target airline with new backdoor

A suspected, state-sponsored Iranian threat group has attacked an airline with a never-before-seen backdoor. On Wednesday, cybersecurity researchers from IBM Security X-Force said an Asian airline was the subject of the attack, which likely began in October 2019 until 2021. Read More …

Collecting In the Dark: Tropic Trooper Targets Transportation and Government

Earth Centaur, previously known as Tropic Trooper, is a long-running cyberespionage threat group that has been active since 2011. In July 2020, Trend Micro researchers noticed interesting activity coming from the group, and they have been closely monitoring it since. Read More …

DHS Announces New Cybersecurity Requirements for Surface Transportation Owners and Operators

WASHINGTON – DHS’s Transportation Security Administration (TSA) today announced two new Security Directives and additional guidance for voluntary measures to strengthen cybersecurity across the transportation sector in response to the ongoing cybersecurity threat to surface transportation systems and associated infrastructure. Read More …

Railway Cybersecurity – Good Practices in Cyber Risk Management

This report aims to be a reference point for current good practices for cyber risk management approaches that are applicable to the railway sector. It offers a guide for railway undertakings and infrastructure managers to select, combine or adjust cyber Read More …

2 US defense officials say Israel hacked Iran’s gas system in late October

Israel carried out a cyber attack against Iran’s nationwide fuel system last month, two United States defense officials told the New York Times in a report published Saturday. Days later, Iran-affiliated hackers breached an Israeli LGBTQ dating site and released Read More …