Security News
Aviation boffins have found that next-gen collision aircraft avoidance systems appear to be just as vulnerable to signal spoofing attacks as older kit. In a paper distributed via ArXiv, computer scientists at the UK's University of Oxford and Switzerland's Federal Office for Defence Procurement analyzed the Airborne Collision Avoidance System X, due to be deployed on commercial aircraft in the next few years, and found that it can be manipulated by a miscreant to produce fake collision alerts that prompt pilots to take evasive action.
Garmin services appear to be in the process of being restored after the company was reportedly hit with ransomware, though its aviation services remain offline at the time of writing. Although Garmin Connect and other consumer-facing apps were gradually coming back to life, according to the company's status page, at the time of writing The Register was only able to access some of its aviation services.
The World Economic Forum believes that the success - and safety - of the aviation industry is largely down "To the successful balance between regulatory and risk priorities." But times, prompted by the Fourth Industrial Revolution and digital transformation, are changing; and WEF notes, "As technology is changing, so are the priorities of aviation stakeholders and more work is required to ensure optimal resilience." And this is without the additional complications of new technologies such as unmanned aerial vehicles. The work involved interviews, surveys and workshops with industry participants, trade associations, regulators, air navigation service providers, airlines, airports and OEM manufacturers as well as ICT and insurance businesses working with and supporting the industry.
Faulty F-15s, at-risk airbases and much more DEF CON For the first time, Vegas's annual DEF CON hacking conference has an "aviation hacking village", and the US military is scouting around there...
DNS config snafu bares Jenkins instance contents to world+dog GE Aviation managed to expose a pile of its private keys on a misconfigured Jenkins instance that was exposed to the public internet,...
A DNS misconfiguration resulted in an open Jenkins server being available to all.
The Montreal-based United Nations aviation agency concealed for months a hack of its computers and allowed malware to spread throughout the airline industry, Canada's public broadcaster reported...
Aviation, as part of the transportation sector, falls within the critical infrastructure. While it may not have the same security issues as ICS/SCADA-based manufacturing and utilities, it has...
Researchers warn of a wave in aviation-themed phishing attacks that aim to steal credentials and install malware.
