Fake Airbus emails were used as phishing lure. (Photo: Airbus)
A spear-phishing campaign is targeting aviation companies, using malicious documents that deliver information-stealing malware, according to alerts from Microsoft Security Intelligence.
In a series of alerts posted on Twitter, Microsoft says it has been tracking a dynamic campaign targeting the aerospace and travel sectors with spear-phishing emails that distribute an actively developed loader, which then delivers the remote access Trojan RevengeRAT, aka AsyncRAT.
Microsoft notes the campaign, which has been active in recent months, involves attackers spoofing emails of legitimate organizations with lures relevant to aviation, travel or cargo.
Attack Tactics
Aviation Industry Lacks Cohesive Cybersecurity Approach
A new study published today by the World Economic Forum (WEF) has identified the need for cybersecurity practices within the aviation sector to be unified.
The study Pathways to a Cyber Resilient Aviation Industry describes how airlines, airports, and aircraft manufacturers currently take different approaches to countering cyber-risks. It includes a warning that rising levels of interdependency within the industry can lead to systemic risks and cascading effects.
To guard against these risks, the WEF connected with leaders from 50 organizations, including ACI, EASA, IATA, and Eurocontrol, to determine how the aviation sector can prepare against future security incidents and cyber-attacks.
Aviation Sector Calls for Unified Cybersecurity Practices to Mitigate Growing Risks miragenews.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from miragenews.com Daily Mail and Mail on Sunday newspapers.