October 29, 2023 at 10:36PM
Notorious ransomware gang LockBit reportedly stole sensitive data from aerospace outfit Boeing, threatening to expose it if Boeing does not engage with them by November 2nd. Boeing is currently investigating the claim. If the data breach is confirmed, the ramifications could be significant as Boeing works with military clients and is building new Air Force One presidential planes. LockBit has a history of successful attacks and is known for publicizing its exploits.
Takeaways:
1. Aerospace company Boeing is investigating a claim made by the ransomware gang LockBit that they have exfiltrated sensitive data from the company. If true, this could have significant repercussions given Boeing’s work for military clients and the construction of Air Force One.
2. Las Vegas’s Clark County School District experienced a breach that resulted in personal information, including student and parent data, being released online. The extent of the breach is still being assessed, but the district has taken measures to secure its email environment and notify those affected.
3. Mozilla released patches for Firefox and Thunderbird to address various vulnerabilities, including clickjacking and cross-site scripting issues. Google also patched security issues in Chrome, including a high-risk vulnerability related to heap corruption.
4. Multiple vulnerabilities have been identified in Cisco Catalyst SD-WAN Manager, Sielco PolyEco FM transmitters, Sielco analog FM transmitters, BD’s Alaris infusion pump software, and Rockwell Automation’s FactoryTalk Services Platform.
5. The US Cybersecurity and Infrastructure Security Agency (CISA) expressed concern over a proposed 25% budget cut, stating that it would impact their ability to address risks and allow adversaries to exploit vulnerabilities.
6. The Nigerian Police Force (NPF) has arrested six individuals involved in a cyber crime syndicate operating in Abuja. The group is suspected of engaging in identity theft, hacking, compromised account trading, romance scams, and other computer-related fraud. The investigation is ongoing, with efforts to apprehend additional members underway.