InfoSecBulletin Cybersecurity for mankind
The recent data breach at Airbus was caused by an info-stealer called RedLine, which was most likely hidden in a pirated copy of Microsoft software, according to researchers. The European aerospace giant has announced the initiation of an investigation regarding the incident.
In a statement, it was emphasized that Airbus, being a major player in the high-tech and industrial sectors, is a prime target for malicious individuals. Airbus prioritizes cybersecurity and consistently monitors its IT systems. They have strong protection tools, experienced cyber experts, and established processes to promptly and effectively protect the company as necessary.
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
ALSO READ:
DDoS Attacks at 633.7 Gbps Combining ACK, PUSH, RESET, and SYN Packets
According to Hudson Rock, a cyber-intelligence firm, a threat actor known as “USDoD” and allegedly associated with the Ransomed ransomware group, has shared the breached data on the BreachForums site. The personal information of 3200 Airbus vendors, including Rockwell Collins and Thales Group, was exposed in a data dump. This information includes names, addresses, phone numbers, and email addresses.
Hudson Rock has confirmed the claim made by the threat actor that this originated from an employee’s access at Turkish Airlines. The computer is owned by a Turkish Airlines employee and holds important login credentials for Airbus, provided by third parties.
The explanation provided states that the victim apparently made an attempt to download an illegal version of the Microsoft .NET framework, as indicated in the path of the malware.
As a result, they became victims of a threat actor who used the widely used RedLine info-stealing family. There is a concerning hint from the USDoD that the aerospace industry could potentially face more victims, including renowned US defense contractors like Lockheed Martin and Raytheon. Previously, it was believed that the individual responsible for infiltrating the FBI’s InfraGard information-sharing network was the threat actor.
Samantha Humphries, a senior director at Exabeam, said that to reduce supply chain risk, it is important to carry out tabletop exercises, monitor credentials, and plan for breach response. “Security leaders have a crucial role to play in due diligence discussions regarding supplier risk. Moreover, they should establish and oversee processes and monitoring systems to effectively detect and respond to supply chain attacks,” she emphasized.
This is a necessary expense for businesses and should be seen as something that helps businesses operate effectively and comply with regulations.
