14 matches found
NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
The Office of Inspector General OIG of the U.S. National Aeronautics and Space Administration NASA has revealed how a Chinese national posed as a U.S. researcher as part of a spear-phishing campaign to obtain sensitive information from the space agency, as well as from government entities,...
Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics
Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called Charon to target the Middle East's public sector and aviation industry. The threat actor behind the activity, according to Trend Micro, exhibited tactics mirroring those of...
Phishers Target Aviation Execs to Scam Customers
KrebsOnSecurity recently heard from a reader whose boss's email account got phished and was used to trick one of the company's customers into sending a large payment to scammers. An investigation into the attacker's infrastructure points to a long-running Nigerian cybercrime ring that is actively...
AsyncRAT C2 Framework: Overview, Technical Analysis & Detection
In this blog we describe the AsyncRAT C2 command & control Framework, which allows attackers to remotely monitor and control other computers over a secure encrypted link. We provide an overview of this threat, a technical analysis, and a method of detecting the malware using Qualys Multi-Vector...
A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries
A previously undocumented threat actor has been identified as behind a string of attacks targeting fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japan with the goal of stealing data from compromised networks. Cybersecurity company Positive...
Threat Source newsletter (Sept. 16, 2021)
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. It's a bird, it's a plane, it's a rat! We've been tracking a series of trojans targeting the aviation industry, and trying to lure victims in by sending them spam related to flight itineraries and other transportation... This is on...
Operation Layover: How we tracked an attack on the aviation industry to five years of compromise
By Tiago Pereira and Vitor Ventura. Cisco Talos linked the recent aviation targeting campaigns to an actor who has been targeting the aviation industry for two years.The same actor has been running successful malware campaigns for more than five years.Although always using commodity malware, the...
Ransomware. In the air?
Introduction As an exercise, we were asked to look at the potential vectors for ransomware to affect flight despatch and operations. In most cases, flight systems simply werent significantly exposed, but ground systems affected by ransomware may make flight ops either impossible or significantly...
Researchers Claim CIA Was Behind 11-Year-Long Hacking Attacks Against China
Qihoo 360, one of the most prominent cybersecurity firms, today published a new report accusing the U.S. Central Intelligence Agency CIA to be behind an 11-year-long hacking campaign against several Chinese industries and government agencies. The targeted industry sectors include aviation...
ASSURE Aviation Cyber Security Testing
We've long been supporters and champions of a formalised approach to Aviation Cyber Security Testing. Our research and blogging has taken us on an interesting journey regarding airside and landside security, mapping attack surfaces and explaining how systems work and interact. Speaking and...
Chinese Threat Actors Indicted For Stealing Aviation Trade Secrets
Hot on the heels of the Carbon Black Quarterly IR Threat Report, specifically calling out increased cybercrime activity from China, the US Department of Justice has indicted ten Chinese Nationals for perpetrating attacks against U.S. and French aviation companies in a stunning display of state...
Aviation & Logistics: Island Hopping – A Growing Threat
When we think about the industries that have the most to lose from a serious cyber attack, our minds probably immediately go to the Finance, Healthcare, and Energy sectors. And for good reason - as Carbon Black research shows, 78% of IR professionals say they observe attacks on the financial...
Top 10 vulnerable airports where your device can be hacked
By Waqas The aviation industry is growing, thanks to millions of passengers traveling around the world. According to Statista, in 2017, 36.8 million flights were operated worldwide while the Bureau of Transportation Statistics revealed PDF that in 2017, U.S.-based airlines transported over 746...
Attacking Critical Infrastructure: The Evolution Of Kinetic Warfare
I said earlier in 2017 I believed it was quite possible that during the year a major cyberattack will occur in either the United States, the United Kingdom, or another friendly country that will require a response equivalent to a kinetic attack. In other words, a cyberattack will occur that will ...