Thursday , April 24 2025

Pirated Software may cause of Airbus Breach

The recent data breach at Airbus was caused by an info-stealer called RedLine, which was most likely hidden in a pirated copy of Microsoft software, according to researchers. The European aerospace giant has announced the initiation of an investigation regarding the incident.

In a statement, it was emphasized that Airbus, being a major player in the high-tech and industrial sectors, is a prime target for malicious individuals. Airbus prioritizes cybersecurity and consistently monitors its IT systems. They have strong protection tools, experienced cyber experts, and established processes to promptly and effectively protect the company as necessary.

SonicWall patched SSLVPN Vuln Allowing Firewall Crashing

SonicWall has revealed a vulnerability in its SonicOS SSLVPN Virtual Office interface that could let remote attackers crash firewall appliances....
Read More
SonicWall patched SSLVPN Vuln Allowing Firewall Crashing

GitLab Releases Security Update For Multiple Vulns

GitLab has announced a security advisory urging users to upgrade their self-managed installations right away. Versions 17.11.1, 17.10.5, and 17.9.7...
Read More
GitLab Releases Security Update For Multiple Vulns

ISPAB president “whatsapp” got hacked via phishing link

Imdadul Haque, the president of Internet Service Provider of Bangladesh (ISPAB) said, I automatically got back my WhatsApp account. What...
Read More
ISPAB president “whatsapp” got hacked via phishing link

Zyxel released patches 2 vulns in its USG FLEX H series firewalls

Zyxel Networks has issued critical security patches for two high-severity vulnerabilities in its USG FLEX H series firewalls. These flaws...
Read More
Zyxel released patches 2 vulns in its USG FLEX H series firewalls

South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked

South Korea's largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related...
Read More
South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked

ChatGPT Develops Exploit for CVEs Before Public PoCs Share

Security researcher Matt Keeley showed that artificial intelligence can now develop working exploits for critical vulnerabilities before public proof-of-concept (PoC)...
Read More
ChatGPT Develops Exploit for CVEs Before Public PoCs Share

TP-Link Router Vulns Allow to Execute Malicious SQL Commands

Several vulnerabilities have been found in TP-Link routers, exposing users to serious security risks from SQL injection flaws in their...
Read More
TP-Link Router Vulns Allow to Execute Malicious SQL Commands

SSL.com’s domain validation system’s bug found: Hacker exploited

SSL.com has revealed a major security flaw in its domain validation system, which could enable attackers to acquire fake SSL...
Read More
SSL.com’s domain validation system’s bug found: Hacker exploited

Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals

Amazon has paused some data center lease negotiations for its cloud division, particularly in international markets, according to Wells Fargo...
Read More
Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals

Hackers Exploit Zoom’s Remote Control Feature for System Access

ELUSIVE COMET is a threat actor conducting a sophisticated attack campaign that uses Zoom's remote control feature to access victims'...
Read More
Hackers Exploit Zoom’s Remote Control Feature for System Access

ALSO READ:

DDoS Attacks at 633.7 Gbps Combining ACK, PUSH, RESET, and SYN Packets

According to Hudson Rock, a cyber-intelligence firm, a threat actor known as “USDoD” and allegedly associated with the Ransomed ransomware group, has shared the breached data on the BreachForums site. The personal information of 3200 Airbus vendors, including Rockwell Collins and Thales Group, was exposed in a data dump. This information includes names, addresses, phone numbers, and email addresses.

Hudson Rock has confirmed the claim made by the threat actor that this originated from an employee’s access at Turkish Airlines. The computer is owned by a Turkish Airlines employee and holds important login credentials for Airbus, provided by third parties.

The explanation provided states that the victim apparently made an attempt to download an illegal version of the Microsoft .NET framework, as indicated in the path of the malware.

As a result, they became victims of a threat actor who used the widely used RedLine info-stealing family. There is a concerning hint from the USDoD that the aerospace industry could potentially face more victims, including renowned US defense contractors like Lockheed Martin and Raytheon. Previously, it was believed that the individual responsible for infiltrating the FBI’s InfraGard information-sharing network was the threat actor.

Samantha Humphries, a senior director at Exabeam, said that to reduce supply chain risk, it is important to carry out tabletop exercises, monitor credentials, and plan for breach response. “Security leaders have a crucial role to play in due diligence discussions regarding supplier risk. Moreover, they should establish and oversee processes and monitoring systems to effectively detect and respond to supply chain attacks,” she emphasized.

This is a necessary expense for businesses and should be seen as something that helps businesses operate effectively and comply with regulations.

Check Also

Airport

Cyberattack on Malaysian airports: PM rejected $10 million ransom

Operations at Kuala Lumpur International Airport (KLIA) were unaffected by a cyber attack in which …

Leave a Reply

Your email address will not be published. Required fields are marked *