Chinese Warships Suspected of Signal-Jamming Passenger Jets

Attackers claiming to be part of the Chinese navy are making calls to commercial Qantas pilots midair, while GPS, comms systems, and altimeter instruments are all experiencing denial of service. [TechWeb]( Follow Dark Reading: [RSS]( March 23, 2023 LATEST SECURITY NEWS & COMMENTARY [Chinese Warships Suspected of Signal-Jamming Passenger Jets]( Attackers claiming to be part of the Chinese navy are making calls to commercial Qantas pilots midair, while GPS, comms systems, and altimeter instruments are all experiencing denial of service. [CISA Warns on Unpatched ICS Vulnerabilities Lurking in Critical Infrastructure]( The advisory comes the same week as a warning from the EU's ENISA about potential for ransomware attacks on OT systems in the transportation sector. [Attackers Are Probing for Zero-Day Vulns in Edge Infrastructure Products]( Nearly 20% of the zero-day flaws that attackers exploited in 2022 were in network, security, and IT management products, Mandiant says. [BreachForums Shuts Down in Wake of Leader's Arrest]( Administrator shutters the forum on fears that it had been breached by federal authorities but assured members it's not the end for the popular underground hacking site. [$36M BEC Fraud Attempt Narrowly Thwarted by AI]( With more than $36M nearly swindled away, an almost-successful BEC attempt in the commercial real estate space shows how sophisticated and convincing fraud attacks are becoming. [Pipeline Cybersecurity Rules Show the Need for Public-Private Partnerships]( The government should not issue infrastructure regulations without the involvement of the industries it's regulating. [How to Keep Incident Response Plans Current]( Review and update plans to minimize recovery time. Practice and a well-thumbed playbook that considers different scenarios will ensure faster recovery of critical data. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [ChatGPT Gut Check: Cybersecurity Threats Overhyped or Not?]( UK cybersecurity authorities and researchers tamp down fears that ChatGPT will overwhelm current defenses, while the CEO of OpenAI worries about its use in cyberattacks. [Custom 'Naplistener' Malware a Nightmare for Network-Based Detection]( Threat actors are using legitimate network assets and open source code to fly under the radar in data-stealing attacks using a set of custom malware bent on evasion. [Controlling Third-Party Data Risk Should Be a Top Cybersecurity Priority]( Third-party breaches have a wide effect that legacy security practices can no longer detect. [MORE]( EDITORS' CHOICE [Cybersecurity Skills Shortage, Recession Fears Drive 'Upskilling' Training Trend]( For companies, training an existing worker is cheaper than hiring, while for employees, training brings job security and more interesting work. LATESTS FROM THE EDGE [10 Vulnerabilities Types to Focus On This Year]( A new Tech Insight report examines how the enterprise attack surface is expanding and how organizations must deal with vulnerabilities in emerging technologies. LATESTS FROM DR TECHNOLOGY [IAM Startup Aembit Secures How Workloads Connect to Services]( Aembit launches from stealth with a cloud-based identity access management platform for enterprise workloads. WEBINARS - [Expert Advice for Getting the Most from Security Orchestration, Automaton & Response Enterprise Tools]( Over the past few years, many enterprises have been improving cybersecurity by implementing the Security Orchestration, Automation, and Response (SOAR) framework, which provides a path to collect threat data from multiple sources and respond to some security events automatically. How ... - [Building Out the Best Response Playbook for Ransomware Attacks]( When ransomware locks up your business's critical data and essential gear, there is no time to panic. The organization needs answers fast: Is the infection going to spread to other endpoints? Will the attackers publicly dump the stolen information? How ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Evaluator's Guide for Managed Detection and Response (MDR) Services]( - [The Relationship Between Security Maturity and Business Enablement]( - [How to Simplify Security with a Cybersecurity Mesh Architecture]( - [Top Three Considerations To Build, Deploy, and Run Your Application Journey]( - [Cloud Journey Migration Stage: Adaptive Cloud Security]( - [Attack Surface Management v2.0 by Brad LaPorte]( - [Seven Ways to Avoid the Nightmare of a Cloud Misconfiguration Attack]( [View More White Papers >>]( FEATURED REPORTS - [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Vectra Unifies AI-Driven Behavior-Based Detection and Signature-Based Detection]( [XM Cyber Announces Acquisition of Confluera, Adding Run-Time Protection on Cloud Workloads]( [Lightspin Launches Remediation Hub to Identify and Fix Cloud Security Threats]( [Kaspersky Survey Finds One in Three Users Have Experienced CryptoTheft]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Shoring Up the Software Supply Chain Across Enterprise Applications]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)