Security News

Air Charter Firm Solairus Aviation Suffers Data Breach
2021-03-24 17:54

Private aviation services provider Solairus Aviation on Tuesday announced that some employee and customer data was compromised in a security incident at third-party vendor Avianis. In a data breach announcement on March 23, Solairus said aviation business management platform provider Avianis provided notification last December about an intrusion into Avianis' Microsoft Azure cloud platform, which hosts Solairus flight scheduling and tracking system.

Multiple Airlines Impacted by Data Breach at Aviation IT Firm SITA
2021-03-05 14:42

SITA, a multinational company that specializes in air transport communications and IT, this week confirmed falling victim to a cyberattack that appears to have impacted multiple airlines around the world. SITA said on Thursday that the attack, which it described as "Highly sophisticated," affected certain passenger data stored on servers of SITA Passenger Service System Inc., which operates passenger processing systems for airlines.

Meet the new aviation insecurity, same as the old aviation insecurity: Next-gen ACAS X just as vulnerable to spoofing as its predecessor
2020-10-06 10:46

Aviation boffins have found that next-gen collision aircraft avoidance systems appear to be just as vulnerable to signal spoofing attacks as older kit. In a paper distributed via ArXiv, computer scientists at the UK's University of Oxford and Switzerland's Federal Office for Defence Procurement analyzed the Airborne Collision Avoidance System X, due to be deployed on commercial aircraft in the next few years, and found that it can be manipulated by a miscreant to produce fake collision alerts that prompt pilots to take evasive action.

Garmin staggers back to its feet: Aviation systems seem to be lagging, though. Here's why
2020-07-27 14:37

Garmin services appear to be in the process of being restored after the company was reportedly hit with ransomware, though its aviation services remain offline at the time of writing. Although Garmin Connect and other consumer-facing apps were gradually coming back to life, according to the company's status page, at the time of writing The Register was only able to access some of its aviation services.

World Economic Forum on Securing the Aviation Industry in the Age of Convergence
2020-01-27 15:46

The World Economic Forum believes that the success - and safety - of the aviation industry is largely down "To the successful balance between regulatory and risk priorities." But times, prompted by the Fourth Industrial Revolution and digital transformation, are changing; and WEF notes, "As technology is changing, so are the priorities of aviation stakeholders and more work is required to ensure optimal resilience." And this is without the additional complications of new technologies such as unmanned aerial vehicles. The work involved interviews, surveys and workshops with industry participants, trade associations, regulators, air navigation service providers, airlines, airports and OEM manufacturers as well as ICT and insurance businesses working with and supporting the industry.

US military swoops into DEF CON seeking a few good hackers for debut aviation pwning village
2019-08-12 16:01

Faulty F-15s, at-risk airbases and much more DEF CON For the first time, Vegas's annual DEF CON hacking conference has an "aviation hacking village", and the US military is scouting around there...

'This repository is private' – so what's it doing on the public internet, GE Aviation?
2019-07-09 16:45

DNS config snafu bares Jenkins instance contents to world+dog GE Aviation managed to expose a pile of its private keys on a misconfigured Jenkins instance that was exposed to the public internet,...

GE Aviation Passwords, Source Code Exposed in Open Jenkins Server
2019-07-08 20:39

A DNS misconfiguration resulted in an open Jenkins server being available to all.

UN Aviation Agency Concealed Serious Hack: Media
2019-02-28 16:24

The Montreal-based United Nations aviation agency concealed for months a hack of its computers and allowed malware to spread throughout the airline industry, Canada's public broadcaster reported...

F-Secure Looks to Address Cyber Security Risks in Aviation Industry
2018-03-19 16:02

Aviation, as part of the transportation sector, falls within the critical infrastructure. While it may not have the same security issues as ICS/SCADA-based manufacturing and utilities, it has...