InfoSecBulletin Cybersecurity for mankind
The recent data breach at Airbus was caused by an info-stealer called RedLine, which was most likely hidden in a pirated copy of Microsoft software, according to researchers. The European aerospace giant has announced the initiation of an investigation regarding the incident.
In a statement, it was emphasized that Airbus, being a major player in the high-tech and industrial sectors, is a prime target for malicious individuals. Airbus prioritizes cybersecurity and consistently monitors its IT systems. They have strong protection tools, experienced cyber experts, and established processes to promptly and effectively protect the company as necessary.
SonicWall patched SSLVPN Vuln Allowing Firewall Crashing
GitLab Releases Security Update For Multiple Vulns
ISPAB president “whatsapp” got hacked via phishing link
Zyxel released patches 2 vulns in its USG FLEX H series firewalls
South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked
ChatGPT Develops Exploit for CVEs Before Public PoCs Share
TP-Link Router Vulns Allow to Execute Malicious SQL Commands
SSL.com’s domain validation system’s bug found: Hacker exploited
Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals
Hackers Exploit Zoom’s Remote Control Feature for System Access
ALSO READ:
DDoS Attacks at 633.7 Gbps Combining ACK, PUSH, RESET, and SYN Packets
According to Hudson Rock, a cyber-intelligence firm, a threat actor known as “USDoD” and allegedly associated with the Ransomed ransomware group, has shared the breached data on the BreachForums site. The personal information of 3200 Airbus vendors, including Rockwell Collins and Thales Group, was exposed in a data dump. This information includes names, addresses, phone numbers, and email addresses.
Hudson Rock has confirmed the claim made by the threat actor that this originated from an employee’s access at Turkish Airlines. The computer is owned by a Turkish Airlines employee and holds important login credentials for Airbus, provided by third parties.
The explanation provided states that the victim apparently made an attempt to download an illegal version of the Microsoft .NET framework, as indicated in the path of the malware.
As a result, they became victims of a threat actor who used the widely used RedLine info-stealing family. There is a concerning hint from the USDoD that the aerospace industry could potentially face more victims, including renowned US defense contractors like Lockheed Martin and Raytheon. Previously, it was believed that the individual responsible for infiltrating the FBI’s InfraGard information-sharing network was the threat actor.
Samantha Humphries, a senior director at Exabeam, said that to reduce supply chain risk, it is important to carry out tabletop exercises, monitor credentials, and plan for breach response. “Security leaders have a crucial role to play in due diligence discussions regarding supplier risk. Moreover, they should establish and oversee processes and monitoring systems to effectively detect and respond to supply chain attacks,” she emphasized.
This is a necessary expense for businesses and should be seen as something that helps businesses operate effectively and comply with regulations.
