logo
ENع
#

Latest news with #UNC3944

Tech firms warn 'Scattered Spider' hacks are targeting aviation sector
Tech firms warn 'Scattered Spider' hacks are targeting aviation sector

The Hindu

time12 hours ago

  • Business
  • The Hindu

Tech firms warn 'Scattered Spider' hacks are targeting aviation sector

Tech companies Google and Palo Alto Networks are sounding the alarm over the "Scattered Spider" hacking group's interest in the aviation sector. In a statement posted on LinkedIn on Friday, Sam Rubin, an executive at Palo Alto's cybersecurity-focused Unit 42, said his company had "observed Muddled Libra (also known as Scattered Spider) targeting the aviation industry." In a similar statement, Charles Carmakal, an executive with Alphabet-owned Google's cybersecurity-focused Mandiant unit, said his company was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider." Neither executive identified which specific companies had been targeted, but Alaska Air Group-owned Hawaiian Airlines and Canada's WestJet have both recently reported being struck by unspecified cyber incidents. Neither company has gone into detail about the intrusions or commented on any potential links between the incidents and Scattered Spider. The loose-knit but aggressive hacking group, alleged to at least in part comprise youngsters operating in Western countries, has been blamed for some of the most disruptive hacks to hit the United States and Europe in recent memory. In 2023, hackers tied to the group broke into gaming companies MGM Resorts and Caesars Entertainment, partially paralysing casinos and knocking slot machines out of commission. Earlier this year, the group wreaked havoc at British retailers. More recent targets include the U.S. insurance industry.

Tech firms warn 'Scattered Spider' hacks are targeting aviation sector
Tech firms warn 'Scattered Spider' hacks are targeting aviation sector

Business Times

timea day ago

  • Business
  • Business Times

Tech firms warn 'Scattered Spider' hacks are targeting aviation sector

[WASHINGTON] Tech companies Google and Palo Alto Networks are sounding the alarm over the 'Scattered Spider' hacking group's interest in the aviation sector. In a statement posted on LinkedIn on Friday, Sam Rubin, an executive at Palo Alto's cybersecurity-focused Unit 42, said his company had 'observed Muddled Libra (also known as Scattered Spider) targeting the aviation industry'. In a similar statement, Charles Carmakal, an executive with Alphabet-owned Google's cybersecurity-focused Mandiant unit, said his company was 'aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider.' Neither executive identified which specific companies had been targeted, but Alaska Air Group-owned Hawaiian Airlines and Canada's WestJet have both recently reported being struck by unspecified cyber incidents. Neither company has gone into detail about the intrusions or commented on any potential links between the incidents and Scattered Spider. The loose-knit but aggressive hacking group, alleged to at least in part comprise youngsters operating in Western countries, has been blamed for some of the most disruptive hacks to hit the US and Europe in recent memory. In 2023, hackers tied to the group broke into gaming companies MGM Resorts and Caesars Entertainment, partially paralysing casinos and knocking slot machines out of commission. Earlier this year, the group wreaked havoc at British retailers. More recent targets include the US insurance industry. REUTERS

A notorious hacker group is now targeting the aviation industry, the FBI says
A notorious hacker group is now targeting the aviation industry, the FBI says

Business Insider

time2 days ago

  • Business
  • Business Insider

A notorious hacker group is now targeting the aviation industry, the FBI says

According to an FBI warning, a notorious cybercriminal group known as Scattered Spider is deceiving IT help desks into targeting the US airline industry. Scattered Spider gained attention in 2023 for hacking both MGM Resorts and Caesars Entertainment within a week of each other. "These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access," the FBI said on X. "These techniques frequently involve methods to bypass multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts." The FBI said the group is focused on large corporations and their third-party IT providers, so "anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk." "Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware," the agency said. The FBI did not indicate that the actions affect airline safety. Charles Carmakal, the chief technology officer at Google's Mandiant, a cybersecurity firm and subsidiary of Google Cloud, said on LinkedIn that the firm was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider." "We recommend that the industry immediately take steps to tighten up their help desk identity verification processes prior to adding new phone numbers to employee/contractor accounts (which can be used by the threat actor to perform self-service password resets), reset passwords, add devices to MFA solutions, or provide employee information (e.g. employee IDs) that could be used for a subsequent social engineering attacks," he said. Unit 42, a cybersecurity threat research team that is part of the larger Palo Alto Networks cybersecurity corporation, said it also observed Scattered Spider targeting the aviation industry. "Organizations should be on high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests," Sam Rubin, senior vice president of consulting and threat intelligence for Unit 42, said on LinkedIn on Friday. Canada's WestJet announced earlier this month that it had uncovered a "cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users." A spokesperson told Business Insider the company has made "significant progress" regarding the matter, and investigations were ongoing. Hawaiian Airlines also said on Thursday that it experienced a "cybersecurity event" that affected some of its IT systems. "We continue to safely operate our full flight schedule, and guest travel is not impacted," the company said in a press release.

A notorious hacker group is now targeting the aviation industry, the FBI says
A notorious hacker group is now targeting the aviation industry, the FBI says

Business Insider

time2 days ago

  • Business
  • Business Insider

A notorious hacker group is now targeting the aviation industry, the FBI says

Even IT pros are susceptible to hackers these days. According to an FBI warning, a notorious cybercriminal group known as Scattered Spider is deceiving IT help desks into targeting the US airline industry. Scattered Spider gained attention in 2023 for hacking both MGM Resorts and Caesars Entertainment within a week of each other. "These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access," the FBI said on X. "These techniques frequently involve methods to bypass multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts." The FBI said the group is focused on large corporations and their third-party IT providers, so "anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk." "Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware," the agency said. The FBI did not indicate that the actions affect airline safety. Charles Carmakal, the chief technology officer at Google's Mandiant, a cybersecurity firm and subsidiary of Google Cloud, said on LinkedIn that the firm was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider." "We recommend that the industry immediately take steps to tighten up their help desk identity verification processes prior to adding new phone numbers to employee/contractor accounts (which can be used by the threat actor to perform self-service password resets), reset passwords, add devices to MFA solutions, or provide employee information (e.g. employee IDs) that could be used for a subsequent social engineering attacks," he said. Unit 42, a cybersecurity threat research team that is part of the larger Palo Alto Networks cybersecurity corporation, said it also observed Scattered Spider targeting the aviation industry. "Organizations should be on high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests," Sam Rubin, senior vice president of consulting and threat intelligence for Unit 42, said on LinkedIn on Friday. Canada's WestJet announced earlier this month that it had uncovered a "cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users." A spokesperson told Business Insider the company has made "significant progress" regarding the matter, and investigations were ongoing. Hawaiian Airlines also said on Thursday that it experienced a "cybersecurity event" that affected some of its IT systems. "We continue to safely operate our full flight schedule, and guest travel is not impacted," the company said in a press release. Neither airline provided details about who or what caused the cybersecurity incidents. A Southwest Airlines spokesperson said that its systems had not been compromised.

Tech firms warn 'Scattered Spider' hacks are targeting aviation sector
Tech firms warn 'Scattered Spider' hacks are targeting aviation sector

Time of India

time2 days ago

  • Business
  • Time of India

Tech firms warn 'Scattered Spider' hacks are targeting aviation sector

Academy Empower your mind, elevate your skills Tech companies Google and Palo Alto Networks are sounding the alarm over the "Scattered Spider" hacking group's interest in the aviation a statement posted on LinkedIn on Friday, Sam Rubin, an executive at Palo Alto's cybersecurity-focused Unit 42, said his company had "observed Muddled Libra (also known as Scattered Spider) targeting the aviation industry."In a similar statement, Charles Carmakal, an executive with Alphabet-owned Google's cybersecurity-focused Mandiant unit , said his company was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider."Neither executive identified which specific companies had been targeted, but Alaska Air Group-owned Hawaiian Airlines and Canada's WestJet have both recently reported being struck by unspecified cyber company has gone into detail about the intrusions or commented on any potential links between the incidents and Scattered loose-knit but aggressive hacking group, alleged to at least in part comprise youngsters operating in Western countries, has been blamed for some of the most disruptive hacks to hit the United States and Europe in recent 2023, hackers tied to the group broke into gaming companies MGM Resorts and Caesars Entertainment, partially paralyzing casinos and knocking slot machines out of this year, the group wreaked havoc at British retailers. More recent targets include the U.S. insurance industry.

DOWNLOAD THE APP

Get Started Now: Download the App

Ready to dive into a world of global content with local flavor? Download Daily8 app today from your preferred app store and start exploring.
app-storeplay-store