Safety Alert for Thousands of Tourist Planes as Flying Technology Could be Hacked
Boeing’s Onboard Performance Tool is a mobile app that uses data such as weather and weight for pilots to make safety calculations. Recently, researchers found a potential issue that could allow hackers to tamper with the data and trick pilots into using the wrong settings, which could cause a crash. The US Federal Aviation Administration issued a safety alert early in August after researchers identified the problem.
The company stated that it was unaware of planes being affected by the issue. On this matter, a Boeing spokesman said: “We are committed to evaluating original research that is conducted and shared in a responsible manner and thank Pen Test Partners for their professionalism and collaboration.” Boeing’s boss also expressed his opinion, stating that the app could have been calculating the wrong data for pilots and that hackers could secretly change the length of airport runways.
The Boeing alert comes amid some concerns about airline software safety. Last year, Tui pilots were reportedly using incorrect settings due to software that made them believe the plane was lighter than it was. The program reportedly mistakenly recorded all passengers titled ‘Miss’ as having a child’s weight instead of an adult’s, causing the program to miscalculate weight.
According to Tui, its systems have been upgraded since the reported issue.
Read: https://www.thesun.co.uk/travel/19643033/worldwide-safety-alert-tourist-planes/
IRS leaks private information for 120,000 taxpayers
Those affected by the data leak are taxpayers who filed Form 990-T as part of their tax returns.
“For regular taxpayers, these forms are meant to be confidential and seen only by the IRS. However, for nonprofits, a Form 990-T must be available for public inspection for three years. On Friday, the IRS disclosed that in addition to sharing Form 990-T data for charities, they also accidentally included data for taxpayers’ IRAs that was not meant to be public.”
The IRS states that the data leak only included names, contact information and reported income in those forms. There was no leak of detailed account holder information, social security numbers or individual tax returns.
The data has been removed and the IRS will send notifications to affected taxpayers.
Read: https://www.bleepingcomputer.com/news/security/irs-data-leak-exposes-personal-info-of-120-000-taxpayers/
Xcel customers locked out of their thermostats
In Colorado, customers were locked out of their thermostats during an “energy emergency”. While temperatures outside were in the 90s Fahrenheit (30+ Celsius), homeowners were unable to adjust their indoor temperatures.
Xcel has an incentive program that pays customers $100 on signup and $25 annually to help save energy. As part of this program, participants agree to give up some control for the greater good.
The number of customers affected was estimated to be 22,000 on Tuesday.
Read: https://www.thedenverchannel.com/news/contact-denver7/thousands-of-xcel-customers-locked-out-of-thermostats-during-energy-emergency
Saudi “snitching” app distributed by Apple and Google
In Saudi Arabia, citizens can download a “snitching” app which they can use to report their neighbours and acquaintances to authorities for wrongthink. In some cases this sends them to prison for years, as happened to one academic who criticized the government and in August received a 30-year prison sentence.
The app is called “Kollona Amn” and is available via both the Apple and Google Play stores (in Saudi Arabia; searching for it here in Canada seems to yield no results, so it also appears that at least Apple is hiding the app from non-Saudis).
“Kollona Amn, launched by the Saudi interior ministry in 2017, has made it possible to report comments critical of the regime or behavior deemed offensive by the theocracy with a few clicks.”
As far as we can tell, nobody in Saudi Arabia has been executed yet as the result of being snitched out via Kollona Amn.
Read: https://www.businessinsider.com/saudi-arabia-mbs-human-rights-violations-apple-google-app-store-2022-9
Tips to Keep Employees and Company Data Safe While Traveling
People are more than ready to travel now that remote work is at its peak and COVID restrictions have dropped for US flying. However, cybersecurity will have to be added to travelers’ packing lists, with 70% of people unknowingly taking part in risky behaviors that might expose them. Whether employees are charging their phones at airports, scrolling through social media, or sending off work emails while vacationing, here are some basic cybersecurity steps businesses should recommend to keep employees and company data safe while traveling.
Tip #1 – Think ahead when packing: It is essential to think ahead when it comes to traveling, and the unpleasant “what ifs” are no exception. One of these possibilities is losing electronic devices such as laptops and smartphones. Employees should back up their data regularly (especially before vacation) so that what was on the devices can be recovered. When traveling internationally, consider the cultural differences and local legislation that can pose risks to information security.
Tip #2 – Charge before you go: Airports are a hacker’s playground, thanks to the influx of people who come and go daily. If hackers get a traveler’s information, they could access payment and sensitive company details. These scammers work through various schemes, including fake hotspots, installing malware, USB connections, and more. Employees should avoid charging their phones at the airport, opting for portable chargers or using a regular wall outlet to reduce the chances of being hacked.
Tip #3 – Avoid hotel hazards: Hotels are the perfect breeding ground for cybersecurity issues thanks to the vast amounts of financial transactions, loyalty programs, databases used to store personal data, and being a temporary home to travelers. On the hotel’s Wi-Fi, hackers can forge digital certificates that appear on a victim’s device, for example in a malicious notification prompting the download of software such as Adobe. Employees should use a VPN to protect their data and business information.
Read: https://www.cpomagazine.com/cyber-security/vacation-essentials-passport-sunscreen-cybersecurity/
Experts Predict That Global Ransomware Damages Will Surpass $30b by 2023
Acronis, a Swiss cybersecurity company, reports that half of the breaches in 2022 involved stolen credentials. According to its report, the focus of hackers’ attacks has been on launching ransomware attacks, which continue to harm medium-sized businesses, including government organizations.
Attackers primarily obtained these credentials through phishing, with 600 malicious email campaigns being sent over the internet in 2022. They also now target software vulnerabilities to extract data from international security services.
The Swiss firm predicts that global ransomware damages will exceed $30b by 2023 and that a multi-layered solution is needed to protect against the threat.
Read: https://www.infosecurity-magazine.com/news/ransomware-exceed-30bn-dollars-2023/
More Than 111,000 Users Infected With Copies of Popular Software
A crypto mining campaign impersonating a desktop app for Google Translate has been attributed to a Turkish-speaking operation named Nitrokod. It has infected over 111,000 victims in 11 countries since 2019.
A double-click is all it takes for Nitrokod to be downloaded and installed, says Maya Horowitz, Check Point’s vice president of research. The UK, the US, Sri Lanka, Greece, Israel, Germany, Turkey, Cyprus, Australia, Mongolia, and Poland are among the countries that have been affected by the virus.
The campaign serves malware through free software on popular sites like Softpedia and Uptodown, putting off execution for weeks and separating the malicious activity from the fake software to avoid getting caught. After the program is installed, a connection to a C2 (command-and-control) server retrieves a configuration file to begin the coin mining activity.
A notable feature of the Nitrokod campaign is that the fake software offered for free is for services without a desktop version, such as Yandex Translate, Microsoft Translate, YouTube Music, MP3 Download Manager, and Pc Auto Shutdown. The malware is dropped almost a month after infection, so by the time the forensic trail is detected, it is challenging to break down the attack and trace it back to the installer.
Read: https://thehackernews.com/2022/08/nitrokod-crypto-miner-infected-over.html
Vendor’s ransomware fallout affects Common Ground plan members
The Common Ground Healthcare Cooperative has informed 133,714 members that their data has likely been accessed after one of its mailing vendors, OneTouchPoint, was hacked.
The vendor previously issued a notice on behalf of 30 health plans, impacting 1.07m individuals. The investigation found that the attacker gained access to its systems the day before deploying the malware. However, the vendor could not determine which files the attacker accessed.
The information held on the hacked servers includes member names, IDs, dates of birth, contact info, diagnosis, description of services and personal data provided during health assessments, and even Social Security numbers. Since the incident, OTP has reported to regulators and law enforcement and has taken steps to strengthen its security safeguards, policies, and procedures.
Read: https://www.scmagazine.com/analysis/ransomware/134k-common-ground-plan-members-added-to-vendors-ransomware-fallout
Elsewhere Online
Over 1.2m ransomware cyber attacks per month in H1 2022
Read: https://www.business-standard.com/article/technology/ransomware-cyber-attacks-spike-to-over-1-2-mn-per-month-in-h12022-122082800252_1.htm
Galois Open Sources Tools for Finding Vulnerabilities in C, C++ Code
Read: https://www.securityweek.com/galois-open-sources-tools-finding-vulnerabilities-c-c-code
Thailand: Researchers discover leaked PII stolen from the Department of Medical Sciences
Read: https://securityaffairs.co/wordpress/134952/deep-web/covid-19-data-dark-web.html
Over 9,000 Exposed VNC Servers Discovered, Including Some Containing Critical Infrastructure
Read: https://www.cpomagazine.com/cyber-security/security-researchers-discover-over-9000-exposed-vnc-servers-including-critical-infrastructure/
Mobile Banking’s latest cyber threat
Read: https://www.thehindu.com/sci-tech/technology/the-cyber-threat-to-mobile-banking/article65821978.ece
The Quote is the Dalai Lama
This week’s quotation is by Epictetus, I believe.
Weekly quote sounds like Ayn Rand. Could also be an associate, Nathaniel Branden.