- Is your car safe from a cyber attack?
May 17, 2023
In January 2022, 19-year-old David Colombo from Dinkelsbühl, Germany, announced via Twitter that he had been able to hack at least 25 Tesla vehicles in 13 countries and partially take them over. “So, I now have full remote control of over 25 Teslas in 13 countries and there seems to be no way to find ...
- European air traffic control confirms website ‘under attack’ by pro-Russia hackers
April 22, 2023
Europe’s air-traffic agency appears to be the latest target in pro-Russian miscreants’ attempts to disrupt air travel. Eurocontrol confirmed on Friday its website has been “under attack” since April 19, and said “pro-Russian hackers” had claimed responsibility for the disruption. Read more… Source: The Register
- Uber driver info stolen yet again: This time from law firm
April 4, 2023
Uber has had more of its internal data stolen from a third party that suffered a security breach. This time, the personal info of the app’s drivers was swiped by miscreants from the IT systems of law firm Genova Burns. In a letter to affected drivers, the lawyers said they had looked into the intrusion, and ...
- Gone in 120 seconds: Tesla Model 3 child’s play for hackers
March 27, 2023
A team of hackers from French security shop Synacktiv have won $100,000 and a Tesla Model 3 after subverting the Muskmobile’s entertainment system, and from there opening up the car’s core management systems. The prize was awarded at the annual Pwn2Own competition in Vancouver and it wasn’t Synacktiv’s only win. The team walked away from the ...
- Ransomware Attack Hits Ship-Tracking Firm Royal Dirkzwager
March 22, 2023
A team of ransomware hackers have published proprietary inside data allegedly obtained the Dutch shipping intelligence agency Royal Dirkzwager, according to cybsersecurity trade press. The leak purportedly include employee passports, contracts and other sensitive information. The hackers claim to have more data that is yet to be released, reports Security Week. Read more… Source: The Maritime Executive
- Understanding Cyber Threats in Transport
March 21, 2023
This new report maps and analyses cyber incidents in relation to aviation, maritime, railway and road transport covering the period of January 2021 to October 2022. The report brings new insights into the cyber threats of the transport sector. In addition to the identification of prime threats and the analysis of incidents, the report includes an ...
- Ferrari reports cyber incident with ransom demand; no impact to operations
March 20, 2023
Italian luxury sports car maker Ferrari SpA said on Monday that a hacker recently demanded ransom from the company related to certain client contact details, adding that the breach had no impact on the company’s operations. Ferrari said it notified its customers of the potential data exposure and the nature of the incident. Read more… Source: Yahoo! News
- NATO and European Union launch task force on resilience of critical infrastructure
March 16, 2023
First announced by NATO Secretary General Jens Stoltenberg and European Commission President Ursula von der Leyen in January, the initiative brings together officials from both organisations to share best practices, share situational awareness, and develop principles to improve resilience. The Task Force will begin by focusing on four sectors: energy, transport, digital infrastructure, and space. Announcing ...
- Canada: Cyber attack hits engineering giant with contracts for military bases, power plants
March 9, 2023
A Canadian engineering giant whose work involves critical military, power and transportation infrastructure across the country has been hit with a ransomware attack. Toronto-based Black & McDonald has so far refused to publicly comment on the cyberattack, while the Department of National Defence and other clients of the company have downplayed any impact or damage. Read more… Source: ...
- TSA issues new cybersecurity requirements for airport and aircraft operators
March 7, 2023
Today, the Transportation Security Administration (TSA) issued a new cybersecurity amendment on an emergency basis to the security programs of certain TSA-regulated airport and aircraft operators, following similar measures announced in October 2022 for passenger and freight railroad carriers. This is part of the Department of Homeland Security’s efforts to increase the cybersecurity resilience of U.S. critical infrastructure and ...
- Hydrochasma: Previously unknown group targets medical and shipping organizations in Asia
February 22, 2023
Shipping companies and medical laboratories in Asia are being targeted in a likely intelligence-gathering campaign that relies exclusively on publicly available and living-off-the-land tools. Hydrochasma, the threat actor behind this campaign, has not been linked to any previously identified group, but appears to have a possible interest in industries that may be involved in COVID-19-related treatments ...
- Hyundai and Kia issue software upgrades to thwart killer TikTok car theft hack
February 15, 2023
Korean car-makers Hyundai and Kia will issue software updates to some of their models after a method of stealing them circulated on TikTok, leading to many thefts and even some deaths. The “Kia Challenge” started circulating in mid-2022 and explained that it’s possible to remove the steering column covering on some Hyundai and Kia models by ...
- Scandinavian Airlines hit by cyber attack
February 15, 2023
Scandinavian airline SAS said it was hit by a cyber attack Tuesday evening and urged customers to refrain from using its app but later said it had fixed the problem. News reports said the hack paralyzed the carrier’s website and leaked customer information from its app. Read more… Source: Skift
- Blow to Morgan Advanced Materials as cyber-attack to cost millions to deal with
February 7, 2023
Shares in Morgan Advanced Materials tanked 7.5% to 292p this morning after the industrial manufacturer became the latest listed firm to fall victim to a cyber attack which it said would cost millions of pounds to tackle. The 166-year-old firm warned the attack meant some of its IT systems were irrecoverable, and it had been forced ...
- Researcher breaches Toyota supplier portal with info on 14,000 partners
February 7, 2023
Toyota’s Global Supplier Preparation Information Management System (GSPIMS) was breached by a security researcher who responsibly reported the issue to the company. GSPIMS is the car manufacturer’s web application that allows employees and suppliers to remotely log in and manage the firm’s global supply chain. Read more… Source: Bleeping Computer
- Hacker finds copy of TSA no-fly list on exposed cloud storage
January 22, 2023
A copy of the U.S. Transportation Security Administration’s “no-fly list” has been found by a Swiss hacker exposed on the open internet in yet another case of misconfigured cloud storage. First reported by The Daily Dot, the exposure of the database was found by a Swiss hacker known as “maia arson crimew” on a server run ...
- Ransomware severs 1,000 ships from on-shore servers
January 19, 2023
Norwegian maritime risk management business is getting a lesson in that very area, after a ransomware attack forced its ShipManager software offline and left 1,000 ships without a connection to on-shore servers. DNV said the attack happened on January 7, and updated its report yesterday to say it involved ransomware – but affected vessels are not ...
- Nissan North America data breach caused by vendor-exposed database
January 17, 2023
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information. The security incident was reported to the Office of the Maine Attorney General on Monday, January 16, 2023, where Nissan disclosed that 17,998 customers were affected by the breach. Read more… Source: Bleeping Computer
- U.S. Federal Aviation Administration says flight personnel alert system not processing updates after outage
January 11, 2023
The U.S. Federal Aviation Administration’s (FAA) system that alerts pilots and other flight personnel about hazards or any changes to airport facility services and relevant procedures was not processing updated information, the civil aviation regulator’s website showed on Wednesday. In an advisory, the FAA said its NOTAM (Notice to Air Missions) system had “failed”. There was ...
- Air France and KLM notify customers of account hacks
January 6, 2023
Air France and KLM have informed Flying Blue customers that some of their personal information was exposed after their accounts were breached. Flying Blue is a loyalty program allowing clients of multiple airlines, including Air France, KLM, Transavia, Aircalin, Kenya Airways, and TAROM, to exchange loyalty points for various rewards. “Our security operations teams have detected suspicious ...