Hijacking plane | Breaking Cybersecurity News | The Hacker News

A shortage of computer memory in the $2.4 billion Air Traffic Control System caused a Computer crash that resulted in the System collapse, according to an insider close to the incident. The problems began on 30 April, when a U-2 spy plane flew over southwestern US caused the air traffic control system that manages the airspace around Los Angeles' LAX airport, built by Lockheed Martin, to crash due to which hundreds of flight delayed or cancelled two weeks ago. " In theory, the same vulnerability could have been used by an attacker in a deliberate shut-down, " security experts told Reuters. Now that the " very basic limitation of the system " is known, experts showed concerns about the cyber-attacks . Sources claimed to Reuters that on April 30, 2014 the aircraft traffic failed to obtain the altitude information for a single U-2 spy plane which was flying over the area because a controller entered the altitude of the spook flight into the En Route Automation Moderni...

It is a terrifying prospect, a hack that allows an attacker to take control of plane navigation and cockpit systems has been revealed at a security conference in Europe. This was demonstrated by Hugo Teso , a researcher at security consultancy N.Runs in Germany who's also a commercial airline pilot. He explained that by building an exploit framework called Simon and a complimentary Android app that delivers attack messages, he could manipulate a plane's path as he saw fit. " You can use this system to modify approximately everything related to the navigation of the plane ," Teso told reporters. Teso found he was able to eavesdrop on the system's communications over its 1MBps link, as well as blocking information and injecting data into link.  It took three years of hunting down holes in standard systems to work out how he could use radio signals to send his own navigation commands to a plane's control system, using publicly available Flight Management System (FMS) ...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...