Security News

A small Alaskan airline has suffered a curiously specific "Cyber attack" that mostly affected its De Havilland Dash 8 airliners. RavnAir Group declared on 21 December that it had "Experienced a malicious cyber attack on our company's IT network" the day before, causing it to cancel all of its flights operated with Dash 8s on its RavnAir Alaska airline.

RavnAir canceled at least a half-dozen flights in Alaska on Saturday — at the peak of holiday travel — following what the company described as “a malicious cyber attack” on its computer network....

A former contractor of British low-cost airline Jet2 has been sentenced to 10 months in prison for a cyberattack that shut down the airline’s systems for over 12 hours, the UK’s National Crime...

A massive data breach at Indonesian airline Lion Air that affected millions of customers stolen was the fault of staff at a contractor, the airline's Malaysia subsidiary said Monday. read more

Some of the airlines that manage booking systems themselves have failed to implement important protection mechanisms, exposing their customers’ personal information, a researcher has warned. read more

Amadeus Patches Check-In Software Used by Hundreds of AirlinesA vulnerability in global airline check-in software used by 500 airlines could have been exploited to download other individuals'...

Patched IDOR hole would have been child's play to exploit A now-patched vulnerability in the Amadeus flight reservation system – used by airlines around the planet – could, or may, have been...

Quick-fire summary of the past few days of news Roundup Welcome back, Brits, from your three-day Bank Holiday week. Allow us to catch you up on recent infosec comings and goings.…

Researcher's stumbling on bug was risky to say the least A cybersecurity professor has insisted he was not hunting for a vulnerability when he found a denial-of-service bug on an in-flight...

Up to eight airlines do not encrypt e-ticketing booking systems - leaving personal customer data open for the taking.