Embedded System Flaws Put Airlines at Risk, Researchers Reveal
eWEEK – Today’s topics include IOActive announcing research showing embedded systems exposing airlines to risk, and Arista agreeing to pay Cisco Systems $400 million in a patent settlement. According to IOActive researchers, multiple systems on modern airliners are potentially at risk from a series of vulnerabilities. These flaws expose supply chain risks, where an embedded software technology puts a larger platform at risk.
Popular platforms have ‘major vulnerabilities’ to data theft
Citywire – Some of the UK’s most popular trading platforms have ‘major vulnerabilities’ to data theft and the sector generally lags far behind the banks in terms of user security, researchers have warned. Security consultant IOActive came to the conclusion after reviewing 16 desktop apps, 34 mobile apps and 30 websites over the course of more than a year’s research. While the house focused on the most popular US platforms, many offer sister apps in the UK Google Play store.
Satellite Flaws Raise Aviation Fears
Infosecurity – Security researchers have revealed new vulnerabilities in satellite communication and on-board operating systems with potentially critical safety implications for the aviation and maritime industries. IOActive’s Ruben Santamarta authored the first paper, launched at Black Hat yesterday, which is a follow-up to his 2014 research on satcom vulnerabilities.
IoT malware found hitting airplanes’ SATCOM systems
HelpNetSecurity – In 2014, IOActive researchers revealed security vulnerabilities they found in the most widely deployed satellite communications terminals and presented potential scenarios attackers could exploit once SATCOM systems have been compromised in the aviation, maritime, and military sectors. In 2018, they demonstrated that some of these theoretical scenarios are, unfortunately, still actually possible.
Warning over satellite security bugs
BBC – Satellite systems used on aircraft, ships and by the military contain bugs that could let hackers take control of them, a security researcher has warned. The worst bugs could let attackers overcharge satellite antenna to damage the equipment or harm operators. And others could be used to betray the exact location of military forces in crisis zones, the researcher said. IOActive, which found the bugs, said it was working with manufacturers to harden devices against attack.

 
            