Tag Archive for: Aerospace

Hackers Impersonate Meta Recruiter to Target Aerospace Firm

/in


Cyberwarfare / Nation-State Attacks
,
Fraud Management & Cybercrime
,
Social Engineering

Lazarus Deploys New Backdoor to Target Aerospace Firm

Vasudevan Nair
October 1, 2023    

Hackers Impersonate Meta Recruiter to Target Aerospace Firm

Researchers discovered an undocumented backdoor named LightlessCan being used by the North Korea-backed Lazarus Group to target a Spanish aerospace company.

See Also: Live Webinar | Cyber Resilience: Recovering from a Ransomware Attack

Eset researchers said an employee of the aerospace firm was lured with a fake job opportunity. The attacker masquerading as a Meta recruiter and tricked the victim into downloading and executing the malicious codes on a company device.

The hackers obtained initial access to the company’s network last year after a successful spear-phishing campaign and masquerading as a recruiter for Meta.

The ongoing attack campaign called “Operation DreamJob” is run by Lazarus, where a fake recruiter reach out to the victim via LinkedIn and sends two coding challenges required as part of the hiring process.

“The most worrying aspect of the attack is the new type of payload, LightlessCan, a complex and possibly evolving tool that exhibits a high level of sophistication in its design and operation, representing a significant advancement in malicious capabilities compared to its predecessor, BlindingCan,” researchers said.

Recently, federal authorities warned of “significant risk” for potential attacks on healthcare and public health sector entities by the Lazarus group involving exploitation of a critical vulnerability in 24 ManageEngine IT management tools from Zoho.

The alert issued by the U.S. Department of Health and Human Services’ Health Sector…

Source…

7 Aerospace and Defense Leaders: Leading the Skies and Securing the Nation

/in


Aerospace and defense leaders are indispensable in bolstering national security and safeguarding the well-being of United States citizens. They are at the forefront of supplying cutting-edge equipment, advanced weaponry, and sophisticated systems to maintain aerial supremacy and assert dominance in the face of imminent threats. Their unwavering commitment to innovation and expertise empowers the nation’s military forces and reinforces the defense capabilities of one of the world’s foremost military powers.

Let’s delve into the profiles of seven exceptional individuals who have emerged as vanguards in these critical industries. Learn about their remarkable contributions, groundbreaking achievements, and the indelible impact they have made in leading the skies and securing the nation.

1. John Albers, President & Chief Executive Officer at Albers Aerospace

John Albers, President & Chief Executive Officer at Albers Aerospace; aerospace and defense leaders

Photo from Albers Aerospace Official Website

John Albers is an accomplished industry veteran with over two decades of senior leadership and operational experience in the aerospace and defense markets. He serves as the President and Chief Executive Officer at Albers Aerospace.

Before serving in private aerospace and defense sectors, Albers has been with the military for most of his career. He served in increasing responsibilities for different U.S. Navy and Marine Corps divisions. Ultimately, he retired in July 2014 as the military team leads for the CH-53K PM program of the Marine Corps.

After serving in the military, he was assigned the Senior Manager position in Systems Engineering at Raytheon and Business Development Executive at Camtech LLC. In 2014, he assumed the responsibility of President and Chief Executive Officer at Albers Aerospace.

Albers Aerospace’s President & Chief Executive Officer Roles and Responsibilities

As the President and Chief Executive Officer at Albers Aerospace, John Albers leads the company’s portfolio for three business units: (1) manufacturing; (2) engineering, aviation, and MRO (maintenance, repair, and operations); and (3) innovative technologies. He’s also the company’s founder and majority owner.

About Albers Aerospace

Albers Aerospace offers broad capabilities and solutions…

Source…

“PowerDrop” PowerShell Malware Targets US Aerospace Industry

/in


A new PowerShell malware script named “PowerDrop” has been discovered to be used in attacks targeting the aerospace defense industry in the US.

The malware was discovered by security researchers at Adlumin, who last month found a sample of the malware in a defense contractor’s network.

On Tuesday, the Adlumin team published an advisory about PowerDrop, saying the malware “straddles the line between a ‘basic off-the-shelf threat’ and tactics used by Advanced Persistent Threat Groups (APTs).”

PowerDrop relies on advanced techniques to evade detection, including deception, encoding and encryption.

“The code for PowerDrop appears to be custom, designed to be stealthy and evade detection, executed via WMI, does not reside on disk, uses uncommon methods for communication and exfiltration of data and is not available as an off-the-shelf product,” explained James Lively, endpoint security research specialist at Tanium.

“[However], based on the capabilities of PowerDrop, how they are implemented, and how the threat actor is using PowerDrop in the aerospace industry, it is indicative of Advanced Persistent Threat (APT) activity.”

Andrew Barratt, vice president at Coalfire, added that criminal actors typically utilize PowerShell because of its extensive range of features and its capability to avoid detection by leveraging existing infrastructure in commonly used computing environments.

“These are useful because they can be easily dropped into a working environment by email or USB and don’t require a sophisticated zero-day to be burned as part of the attack,” Barratt added.

“The US and allies’ primary weapons system’s manufacturers should be on high alert for this activity and be critically monitoring their supply chains in case they become a source of attack.”

Read more on PowerShell malware: Microsoft Blames Clop Affiliate for PaperCut Attacks

Adlumin stated in their advisory that the perpetrator behind PowerDrop had not been specifically identified, but they suspect that nation-state hackers may be involved. 

“The absence of a clear attribution to a specific threat actor further deepens the mystery surrounding PowerDrop,” said Craig…

Source…

MAG Aerospace Wins $258M Army Program Executive Office Intelligence, Electronic Warfare and Sensors (PEO IEW&S) Project Manager Electronic Warfare & Cyber (PM EW&C) Systems Engineering Technical Assistance Contract. – goskagit.com

/in



MAG Aerospace Wins $258M Army Program Executive Office Intelligence, Electronic Warfare and Sensors (PEO IEW&S) Project Manager Electronic Warfare & Cyber (PM EW&C) Systems Engineering Technical Assistance Contract.  goskagit.com

Source…