Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Hijacking. Show all posts
threats
Advertising attacks Business Cloud CyberCrime Cybersecurity Duckport Ducktail Facebook Hijacking Information Linkedin malware Marketing Scams Security SocialEngineering SocialMedia Tactics threats

Vietnamese Cybercriminals Exploit Malvertising to Target Facebook Business Accounts

Cybercriminals associated with the Vietnamese cybercrime ecosystem are exploiting social media platforms, including Meta-owned Facebook, as a means to distribute malware. 

According to Mohammad Kazem Hassan Nejad, a researcher from WithSecure, malicious actors have been utilizing deceptive ads to target victims with various scams and malvertising schemes. This tactic has become even more lucrative with businesses increasingly using social media for advertising, providing attackers with a new type of attack vector – hijacking business accounts.

Over the past year, cyber attacks against Meta Business and Facebook accounts have gained popularity, primarily driven by activity clusters like Ducktail and NodeStealer, known for targeting businesses and individuals operating on Facebook. 

Social engineering plays a crucial role in gaining unauthorized access to user accounts, with victims being approached through platforms such as Facebook, LinkedIn, WhatsApp, and freelance job portals like Upwork. Search engine poisoning is another method employed to promote fake software, including CapCut, Notepad++, OpenAI ChatGPT, Google Bard, and Meta Threads.

Common tactics among these cybercrime groups include the misuse of URL shorteners, the use of Telegram for command-and-control (C2), and legitimate cloud services like Trello, Discord, Dropbox, iCloud, OneDrive, and Mediafire to host malicious payloads.

Ducktail, for instance, employs lures related to branding and marketing projects to infiltrate individuals and businesses on Meta's Business platform. In recent attacks, job and recruitment-related themes have been used to activate infections. 

Potential targets are directed to fraudulent job postings on platforms like Upwork and Freelancer through Facebook ads or LinkedIn InMail. These postings contain links to compromised job description files hosted on cloud storage providers, leading to the deployment of the Ducktail stealer malware.

The Ducktail malware is designed to steal saved session cookies from browsers, with specific code tailored to take over Facebook business accounts. These compromised accounts are sold on underground marketplaces, fetching prices ranging from $15 to $340.

Recent attack sequences observed between February and March 2023 involve the use of shortcut and PowerShell files to download and launch the final malware. The malware has evolved to harvest personal information from various platforms, including X (formerly Twitter), TikTok Business, and Google Ads. It also uses stolen Facebook session cookies to create fraudulent ads and gain elevated privileges.

One of the primary methods used to take over a victim's compromised account involves adding the attacker's email address, changing the password, and locking the victim out of their Facebook account.

The malware has incorporated new features, such as using RestartManager (RM) to kill processes that lock browser databases, a technique commonly found in ransomware. Additionally, the final payload is obfuscated using a loader to dynamically decrypt and execute it, making analysis and detection more challenging.

To hinder analysis efforts, the threat actors use uniquely generated assembly names and rely on SmartAssembly, bloating, and compression to obfuscate the malware.

Researchers from Zscaler also observed instances where the threat actors initiated contact using compromised LinkedIn accounts belonging to users in the digital marketing field, leveraging the authenticity of these accounts to aid in social engineering tactics. This highlights the worm-like propagation of Ducktail, where stolen LinkedIn credentials and cookies are used to log in to victims' accounts and expand their reach.

Ducktail is just one of many Vietnamese threat actors employing shared tools and tactics for fraudulent schemes. A Ducktail copycat known as Duckport, which emerged in late March 2023, engages in information stealing and Meta Business account hijacking. Notably, Duckport differs from Ducktail in terms of Telegram channels used for command and control, source code implementation, and distribution, making them distinct threats.

Duckport employs a unique technique of sending victims links to branded sites related to the impersonated brand or company, redirecting them to download malicious archives from file hosting services. Unlike Ducktail, Duckport replaces Telegram as a channel for passing commands to victims' machines and incorporates additional information stealing and account hijacking capabilities, along with taking screenshots and abusing online note-taking services as part of its command and control chain.

"The Vietnamese-centric element of these threats and high degree of overlaps in terms of capabilities, infrastructure, and victimology suggests active working relationships between various threat actors, shared tooling and TTPs across these threat groups, or a fractured and service-oriented Vietnamese cybercriminal ecosystem (akin to ransomware-as-a-service model) centered around social media platforms such as Facebook," WithSecure said.
Read more »
syndicates
criminals criminals' methods Cyber Crime fake license fake plates Hijacking identity identity concealment insight investigator Mercedes-Benz police force stolen syndicates

Recovered Stolen Mercedes Offers Glimpse into Hijackers' Tactics

 

A recently recovered Mercedes-Benz, which had been stolen and then found equipped with counterfeit license plates and a forged license disc, has shed light on the operational tactics of hijacking syndicates and their ability to exploit technological advancements to evade capture.

Specialist investigator Mike Bolhuis, drawing on his extensive experience in investigating serious, violent, and cyber crimes, shared insights regarding the strategies employed by hijackers to conceal their identities and mask stolen vehicles.

Marshall Security, on Tuesday, announced the retrieval of a stolen Mercedes-Benz C200 along Sinembe Crescent near uMhlanga Rocks Drive, situated in the Somerset Park region. This vehicle was reportedly taken from Reservoir Hills the previous week.

Following the recovery, Marshall Security disclosed that the abandoned vehicle was equipped with fraudulent plates and a counterfeit license disc. The South African Police Service (SAPS) had been actively searching for the vehicle.

However, as Bolhuis emphasizes, false license discs and plates merely scratch the surface of the broader issue associated with hijacking. Criminals exploit technological advancements, while law enforcement faces challenges in combating these crimes.

Bolhuis characterizes the methods employed by criminals to mask their identities and switch between aliases as a form of cybercrime. He explains that criminals employ fabricated identities and counterfeit information for vehicles, often with assistance from corrupt individuals within various sectors.

These criminal activities are grounded in cybercrime, a global concern. Criminals exploit this digital realm to fabricate false documents routinely, rendering their capture challenging. Bolhuis asserts that law enforcement's struggle against digital crimes is compounded by their limited capacity, enabling criminals to exploit this weakness.

He asserts that the primary means of apprehending these criminals involves witnesses, forensic information, or digital tracking. Bolhuis highlights the necessity of gathering forensic evidence, citing the potential of trace elements such as saliva or hair follicles, as well as using indicators like dirt on wheels to deduce the stolen vehicle's movements.

Upon stealing a vehicle, criminals adapt their approach based on their objectives. They may fulfill orders for high-end vehicles or employ the stolen cars in the commission of other crimes. Vehicles are sometimes used to ram cash-transit vehicles or for ATM bombings before being left at the scene. Bolhuis particularly underscores the importance of forensic data in narrowing down suspects.

The latest statistics from the South African Police Service (SAPS) reveal that between April and June 2023, 9,081 motor vehicles and motorcycles were reported as stolen. Carjackings accounted for a significant portion, with 2,591 sedans, coupes, and hatchbacks stolen, along with 1,582 bakkies.

The Western Cape and Gauteng regions of South Africa experienced the highest incidence of carjackings, reflecting the pervasive nature of this criminal phenomenon.
Read more »
Supply Chain Assaults
AWS Keys Cyber Attacks Hijacking PHP Libraries PyPI Package python Supply Chain Assaults

Popular Python and PHP LIbraries Hijacked to Steal AWS Keys

 

A software supply chain assault has compromised the PyPI module 'ctx,' which is downloaded over 20,000 times per week, with malicious versions collecting the developer's environment variables. The threat actor even replaced older, secure versions of 'ctx' with code that gathers secrets like Amazon AWS keys and credentials by exfiltrating the developer's environment variables. 

In addition, versions of a 'phpass' fork released to the PHP/Composer package repository Packagist had been modified in a similar way to steal secrets. Over the course of its existence, the PHPass framework has had over 2.5 million downloads from the Packagist repository—though malicious variants are thought to have received significantly fewer downloads. 

The widely used PyPI package 'ctx' was hacked earlier this month, with newer released versions leaking environment variables to an external server. 'ctx' is a small Python module that allows programmers to manipulate dictionary ('dict') objects in various ways. Despite its popularity, the package's developer had not touched it since 2014, according to BleepingComputer. Newer versions, which were released between May 15th and this week, contained dangerous malware. 

The corrupted 'ctx' package was initially discovered by Reddit user jimtk. Somdev Sangwan, an ethical hacker, also revealed that the PHP package 'phpass' had been infiltrated, with tainted copies of the library taking developers' AWS secret keys. Although the malicious 'ctx' versions have been removed from PyPI, copies acquired from Sonatype's malware archives show the presence of harmful code in all 'ctx' versions. 

It's also worth noting that the 0.1.2 version, which hadn't been updated since 2014, was replaced this week with a malicious payload. Once installed, these versions gather all your environment variables and upload these values to the following Heroku endpoint: https://anti-theft-web.herokuapp[.]com/hacked/. At the time of analysis, the endpoint was no longer active. 

In a similar attack, the fork of 'hautelook/phpass,' a hugely popular Composer/PHP package, was hacked with malicious versions released to the Packagist repository. PHPass is an open-source password hashing framework that may be used in PHP applications by developers. The framework was first released in 2005 and has since been downloaded over 2.5 million times on Packagist. 

This week, BleepingComputer discovered malicious commits to the PHPass project that stole environment variables in the same way. The modified 'PasswordHash.php' file in PHPass looks for the values 'AWS ACCESS KEY' and 'AWS SECRET KEY' in your environment. Following that, the secrets are uploaded to the same Heroku endpoint. The presence of similar functionality and Heroku endpoints in both the PyPI and PHP packages suggests that both hijacks were perpetrated by the same threat actor. 

According to the researchers, the attacker's identity is evident. However, this could have been a proof-of-concept experiment gone wrong, and it would be irresponsible to name the individual behind the 'ctx' and 'phpass' hijack until additional information becomes available. Furthermore, while the malicious PyPI package 'ctx' remained active until later today, the impact of malicious 'PHPass' versions appears to have been far more limited after Packagist co-founder Jordi Boggiano marked the hijacked repository as "abandoned" and advised everyone to use bordoni/phpass instead. 

The hijacking of PyPI package 'ctx' is said to have been caused by a maintainer account compromise, but the true cause has yet to be discovered. The attacker claiming a previously abandoned GitHub repository and reviving it to publish altered 'phpass' versions to the Packagist registry has been ascribed to the hack of hautepass/phpass. 

Security Innovation, a cybersecurity organisation, previously dubbed this type of attack "repo jacking." Intezer and Checkmarx recently produced a joint study based on this research and how it can affect Go projects, termed it "chainjacking." This hijacking comes on the back of a PyPI typosquat being detected deploying backdoors on Windows, Linux, and Macs.
Read more »
Vulnerabilities and Exploits
Hijacking RCE Root Shell Vulnerabilities and Exploits

Severe Remote Code Execution Flaws Discovered in Motorola Halo+ Baby Monitors

 

On Tuesday, Randy Westergren, a cybersecurity expert, published his study on the Motorola Halo+, a popular baby monitor. He revealed two severe flaws in the protocol and remote code execution (RCE) of the Motorola Halo+ that would allow threat actors to hijack the device. 

The Motorola Halo+ comprises an over-the-crib monitor, a handheld unit for parents, and a Wi-Fi-connected mobile application to monitor children that works in Full HD. 

Westergren, engineering director of US financial services company Marlette Funding discovered the flaws when he and his wife were hunting for a suitable monitor for their first child and selected the Motorola Halo+ as their preferred option. 

After securing the device, Westergren started examining its listening services and discovered a pre-authentication RCE security flaw (CVE-2021-3577) and the tools to obtain a full root shell. Examining system logs made it possible to identify the app’s API requests that gather information regarding its usage. 

The researcher also analyzed HTTP-based communication and how the app’s local API operated. Westergren was able to use local API commands to identify GET and SET lists, as well as “value” parameters that would accept user input, “potentially leading to RCE if not properly sanitized”.

Westergren then injected a reboot payload and used the device to perform the ‘set_city_timezone’ process. His action initiated a reboot, which granted the device shell access. He also discovered a flaw in the execution of MQTT (CVE-2021-3787) – an IoT messaging standard. 

Westergren identified that the client was set up to subscribe to #and $SYS/# by default, lowering Hubble device access control security. “A number of commands result from various devices. Though I did not attempt this, I think it was very likely that a client could easily control the entire device fleet by publishing arbitrary commands,” the researcher noted. 

While the product belongs to Motorola Mobility, its manufacturing unit was acquired by Lenovo in 2014. According to Westergren, after receiving the initial report, Lenovo’s security team has immediately started working on resolving the issues in Motorola Halo.

According to the latest updates from the tech giant, the first set of patches is incomplete, and as a result, the product would be delayed further. Both the RCE and MQTT problems have been fixed in firmware versions 3.50.06 and 3.50.14.
Read more »
Programming Language
Cyber Crime Hijacking Perl.com Programming Language

Perl.com, the Official Site for Perl Programming Language Hijacked

 

The domain Perl.com was made in 1994 and was the official site for the Perl programming language, it is enlisted with the registrar key-systems(.)net. An admonition went up on the perl.org foundation weblog overnight telling clients that perl.com was now directed to a parking site and exhorted against visiting "as there are some signals that it may be related to sites that have distributed malware in the past." 

“The perl.com domain was hijacked this morning and is currently pointing to a parking site. Work is ongoing to attempt to recover it.” reads the announcement published on the Perl NOC on 27th January 2021.

The hijack seems to have followed the deeply rooted way of an assailant jumping on a compromised account and swiping the domain instead of a simple expiration. The assailants changed the IP address from 151.101.2.132 to 35.186.238[.]10. After the hackers took control over the site, it was showing a clear page whose HTML contains GoDaddy parked domain scripts. 

Posting on Reddit, Brian Foy, editor on the site and writer of a few books on Perl, said: "It looks like there was an account hack. I don't know how long that would take to rewind. We're looking for people who have actual experience dealing with that situation so we can dispute the transfer." Perl.org was unaffected by the swipe. 

A look at the domain records shows the contact data is currently "REDACTED FOR PRIVACY". Gordon Lawrie – self-announced cyberlaw, trademark, and domain nerd – said that before the change Tom Christiansen was listed as the domain administrative contact. While the Perl group still can't seem to react to the solicitation for a remark, the hijacking of Christiansen's record appears to be a possibility. The expiry likewise seems to have been extended out to 26 January 2031.

Not long after the hijacking, the domain perl.com turned up as accessible to purchase for $190k on afternic.com, presently recorded as a name server in the domain record at the time of writing. The listing included other expensive domains, including piracy.com for a simple $125k, from client drawmaster. Afternic is an essential part of the GoDaddy association and, not long after when it was approached, the perl.com listing was pulled.
Read more »
User Security
EA Origin Gaming Hijacking Security flaw Security Vulnerabilities User Privacy User Security

EA Origin Security Flaw Exposed over 300 Million Gamers to Account Takeovers



In the wake of the discovery of an EA based vulnerability, EA origin has been forced to re-examine its module for security and safety as the flaw could have potentially exposed millions of gamers to account takeovers.

As per the findings and research of specialists at Check Point and CyberInt, the vulnerability affected over 300 million gaming enthusiasts playing online games namely FIFA, Madden NFL, NBA Live and Battlefield.

The vulnerability relied on an alternate authentication method known as, Access Tokens which are like passwords; by stealing a Single Sign-On authorization token, the security flaw would have given complete authority into the hands of the hackers, who further would have been able to hijack player's accounts without needing the login or password.

Stealing 'Access Tokens' can be a bit more complex than stealing passwords, however, it still is possible. It's because users have been enlightened against providing passwords on dubious websites, hackers now resort to accessing access tokens rather than the passwords. Moreover, it can be carried out behind the scenes without needing any active participation from the user.

On Wednesday, commenting on the matter, Oded Vanunu, head of products vulnerability research for Check Point, told, "EA's Origin platform is hugely popular, and if left unpatched, these flaws would have enabled hackers to hijack and exploit millions of users' accounts,"

Referencing from the statements given by Alexander Peleg in an email in the regard, "We had the vulnerabilities under control so no other party could have exploited them during the period it took EA to fix," 
Read more »
Hijacking
CyberCrime Cybersecurity. Database Compromised Hacking Hijacking

Millions of Peoples’ Data Exposed On The Dark Web Via an Unprotected Database; Hackers At Advantage

Quite recently, a badly secured database fell prey to hijacking by hackers. Millions of users’ data was exposed. It was discovered by “Shodan Search Engine” last month. An infamous hacking group is speculated to be the reason.


A gigantic database containing records of over 275 million Indian citizens was found unprotected and now in the hands of a hacking group.

The database which was exploited comes from a widely used name of “MongoDB”.

The data in it seems to have come from various job portals, in light of the fields that were found out to be of “Resume IDs”, “functional areas” and “industry”.

Along with some not so confidential information some really personal details like name, email ID, gender, date of birth, salary and mobile number were found.
Reportedly, a hacking group which goes by the name of “Unistellar group” happens to be behind the hijacking of this already unprotected database.

Immediately after the unsafe database was discovered the cyber-security expert had informed the Indian Computer Emergency Response Team but in vain.

The database was open and laid bare for anyone to advantage for at least two weeks.

The owner of the database is yet to be known and it seems that it’s owned by an anonymous person or organization.

The details of over 275 million people were out but as it turns out no Indian job portal holds information of members of such a large number. 

Read more »
Vulnerability
Breach of Security and Privacy Hijacking Vulnerability

A Critical Vulnerability Assisting Attackers in Gaining Access to Live Video Streaming




Researchers discover a rather critical vulnerability in the D-Link cloud camera that enabled attackers to hijack and intercept the camera in order to gain access to the live video streaming as well as recorded videos by means of communicating over unencrypted channel between the camera and the cloud and between the cloud and the client-side viewer app.

The communication request between the application and the camera built up over a proxy server utilizing a TCP tunnel which is the only place the traffic is encrypted. This blemish enables an attacker to play out a Man-in-the-Middle attack and intercept the said connection with the intend to spy on the victims' video streams.


 Rest of the sensitive content, like the camera IP and MAC addresses, version information, video and audio streams, and the extensive camera information are going through the unencrypted tunnel.

The vulnerability dwells in D-Link customized open source boa web server source code file called request.c which is dealing with the HTTP solicitation to the camera. For this situation, all the approaching HTTP demands or requests that handle by this file elevated to admin enabling the attacker to gain a total device access.

According to ESET Research, “No authorization is needed since the HTTP requests to the camera’s web server are automatically elevated to admin level when accessing it from a localhost IP (viewer app’s localhost is tunneled to camera localhost).”

What's more, this weakness lets the hackers to supplant the real firmware with their own fixed or backdoored variant.

An attacker, who is sitting amidst the system traffic between the viewer application and the cloud or between the cloud and the camera, can see the HTTP demands or requests for the video and audio packets utilizing the data stream of the TCP connection on the server and accordingly answer and recreate these captured packets whenever wherever.


Read more »
Trojan
email security Emotet Emotet Trojan Hijacking malware Trojan

Emotet trojan is back with a bang

Emotet gang takes their operation to a whole new level, showing why they're today's most dangerous malware. It would seem it now has taken on new tactics in the form of hijacking users old email chains and then responding from a spoofed address to portray legitimacy, this additional tactic can heighten a hackers chances when stealing financial information once a victim has been lured into clicking on said malicious content. Targeted emails appears to affect both private and public sectors, including government, particularly those that provide financial and banking services.

Emotet is a known banking Trojan, discovered five years ago, first in Europe and the USA. It started out stealing information from individuals, like credit card details. It has been lurking around since 2014 and has evolved tremendously over the years, becoming major threat that infiltrates corporate networks and spreads other strains of malware.

It injects itself into a user’s device via malspam links or attachments, with the intent to steal financial data. It targets banking emails and can sometimes deploy further attacks once inside a device.

The Emotet malware gang is now using a tactic that has been previously seen used by nation-state hackers.

The U.S. Department of Homeland Security published an alert on Emotet in July 2018, describing it as “an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans,” and warning that it’s very difficult to combat, capable of evading typical signature-based detection, and determined to spread itself. The alert explains that “Emotet infections have cost SLTT (state, local, tribal, and territorial) governments up to $1 million per incident to remediate.”

This campaign targeted mainly Chile and used living off the land techniques (LotL) to bypass Virus Total detections. This up and coming tactic uses already installed tools on a users’ device to remain undetected for as long as possible.
Read more »
Hijacking
Bug Google Chrome Hijacking

Google Warns Users to Update Their Browser Immediately Due To a Disruptive Bug




A security breach revealed by hackers on the desktop version of Chrome has driven Google into warning its users to update Chrome as soon as they can or risk having their system 'hijacked'.

A part of Chrome called FileReader is supposedly thought to have been connected with the exploit, as it clearly lets software incorporated into websites access the information stored on the user's computer.

Being the most commonly utilized internet browser on the planet, with in excess of approximately two billion active users, the search giant is quite guarded about the details of the manner in which the exploit operates so as to keep the copycat hackers from utilizing comparable methods to attempt and break into user's accounts.

The fact that the security risk 'CVE-2019-5786' wasn't identified by Google in the first place accordingly implies that Chrome browsers were 'actively under attack  ' even before a fix could be released for the users, which thusly on the other hand gave hackers a 'head start' and left the user's systems at high risk even before an update is installed.

Google's lead security engineer Justin Schuh writing on Twitter, warned users: 'Seriously update your Chrome installs... like right this minute.'  Adding later that ‘unlike previous bugs found in Chrome which have targeted third-party software linked to the browser, this bug targeted Chrome code directly. 

Therefore he says that it is 'worth' cautioning user's all the more freely as the fix expects them to make the additional stride of manually restarting the browser after the update to invalidate the exploit had been downloaded.

‘Access to bug details and links may be kept restricted until a majority of users are updated with a fix, we will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.’ says Google.

Read more »
Ransomeware
Air Traffic Aircraft Hacking Cyber Attacks Hijacking Ransomeware

Cybercriminals disturbing air traffic




Travelling via air has always been the most preferred and fastest option available to us at any given time but have we ever given a thought whether it is the safest in every context technical and cyber?

Never mind the technical mishaps that happen when least expected the accidents that occur are rare but shocking and terrible but are we aware of the dangers related to flying in the light of cyber security?

As we probably are aware, cybercriminals are driven for the most part by their thirst for money and power—and disturbing the air traffic and airport regulation helps they satisfy it. While the dominant part of these cyber security occurrences result in data breaks, but: Attacks on this imperative framework could prompt significantly more inauspicious outcomes.

Associations like the ATO and EUROCONTROL deal with the air traffic across continents, connecting with business and military bodies to control the coordination and planning of air traffic in their assigned region. These associations work firmly together, as there are numerous intercontinental flights that move across from one area then onto the next they respond quite rapidly to such episodes.
These Aviation control organisations require immaculate correspondence to work legitimately, as they are essential to keeping up the normal stream of air traffic. 

Along these lines, their related frameworks are intensely computerized which makes them the primary targets for the said cyber-attacks.

However apart from Air Traffic there are a lot more factors as well that have a specific negative effect on the transportation service. Some of the major ones being terrorist attacks, ransomeware attacks, targeted cyber-attacks in addition to the budget concerns.

Terrorists have hijacked Aircrafts before, the most known incident being 9/11, where the terrorists infiltrated onto four different air crafts, disabled the pilots. Anyway these physical, in-person hijacks are the reason behind the broad safety measures that we all experience at each major air terminal.

Despite the fact that these hijackers don't need to be physically present to cause such immense harm. As exhibited before, air crafts can be hacked remotely and malware can contaminate computer frameworks in the air crafts as well.

What's more, similar to some other industry, we likewise find numerous ransomware victims in the avionics and air traffic sector. The most popular one being air and express freight carrier FedEx that surprisingly has been a ransomeware victim twice: once through their TNT division hit by NotPetya, and once in their own conveyance unit by WannaCry.

When turning towards targeted cyberattacks the most fitting precedent is that of the IT system of Boryspil International Airport, situated in the Ukraine, which purportedly incorporated the airport's air traffic regulation system. Because of rough relations among Ukraine and Russia, attribution immediately swerved to BlackEnergy, a Russian APT group considered responsible of numerous cyberattacks on the country.

Lastly, "Where budgets are concerned, cybersecurity is treated reactively instead of proactively.
In 2017, the Air Traffic Control Aviation (ATCA) published a white paper issuing this warning as in a 2016 report by the Ponemon Institute discovered that the associations did not budget for the technical, administrative, testing, and review activities that are important to appropriately operate a  secure framework.

Bearing these factors in mind while the physical security on airports have been increased fundamentally, it appears that the cyber security of this essential framework still needs a considerable amount of work and attention, particularly remembering the sheer number of cyber-attacks on the industry that have occurred over the most recent couple of years.

The excrement will undoubtedly hit the propeller if the air traffic and cargo enterprises yet again fail to incorporate cybersecurity in their financial plan and structure propositions for the coming year.

Read more »
Subscribe to: Posts (Atom)