Connect with us

Hi, what are you looking for?

Hard News Hard Hitting News Source Global Political News

Cyber Security

Airbus Cyber Attack: Over 3,200 Vendor Data Accessed by Hackers

According to recent reports, a threat actor has compromised the confidential information of 3,200 Airbus vendors. The exposed data includes sensitive details such as names, phone numbers, and email addresses.

In addition, the perpetrator behind the recent attack announced their intention to target Lockheed Martin and Raytheon in upcoming attacks. The actor, known as “USDoD,” had previously sold the FBI’s sharing system database, InfraGrad, in December 2022.

From “Breached” Forum to “BreachForum”

“USDoD” posted the sale of the InfraGrad database in the formerly renowned “Breached” forum in December 2022, which was pursued by the FBI, resulting in authorities’ seizure of the domain. 

After this, threat actors, including “USDoD,” needed a platform for selling stolen data, forming “BreachForums.” In September 2023, the threat actor posted two threads in the BreachForums with two statements.

Airbus Cyber Attack
Airbus Cyber Attack
sample of leaked data (Source: Hudsonrock)

One thread mentioned that USDoD has been officially a member of the “Ransomed” ransomware group responsible for attacking most companies during September 2023. The second thread was much more enjoyable about the Airbus data leak.

Origin from Turkish Airline Employee

According to information shared with Cyber Security News, the source of this breach can be traced back to an employee of a Turkish airline who had obtained an illegal copy of a Microsoft .NET framework. This ultimately led to the spread of the RedLine malware, which is designed to collect sensitive information without the user’s knowledge or consent.

Threat actors gained access to the credentials from the affected system and used it for the initial attack vector.

Airbus Cyber Attack
Airbus CERT confirming the initial access

Other reports indicate that info-stealer infections have surged 6000% since 2018, which points them out as the primary attack vector threat actors adopt in executing cyberattacks.

complete report about the cyber attack has been published, providing detailed information about the attack vector, origination, and other information.

It is recommended that organizations make sure about the restrictions of unauthorized software downloads by their employees and prohibit the use of pirated software in Organisational assets.

Source: https://cybersecuritynews.com/airbus-cyber-attack/

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

In recent findings from Check Point Research, a significant phishing attack targeting more than 40 prominent Colombian companies has been uncovered.  The attackers behind this campaign...

Cyber Security

A group of Researchers unearthed critical code Proton Mail vulnerabilities that could have jeopardized the security of Proton Mail, a renowned privacy-focused webmail service. ...

Cyber Security

Telegram Messenger offers global, cloud-based instant messaging with several features:- Cybersecurity researchers at Securlist recently found several Telegram mods on Google Play in various...

Cyber Security

Zero Trust Data Access (ZTDA) constitutes a fundamental aspect of the wider Zero Trust security framework, which entails limiting data access. The Zero Trust security approach...

Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO