Two notes on transportation cyber security appear today. The more alarming is a warning, disclosed by Boeing and reissued by the US Federal Aviation Administration, of an "integer-overflow-like bug" in Boeing Dreamliners' electrical power generation software. Over time the flaw tends to produce engine unreliability. The other warning comes from CyberKeel, which finds poor patch management practices pervading maritime shipping sector sites.
Several large spam campaigns are reported underway, many of them serving up ransomware.
Malwarebytes has noticed a change in traffic patterns associated with the Fiesta exploit kit. (The Fiesta kit has recently been used to deliver ransomware.) The SANS Internet Storm Center asks for help identifying current Fiesta payloads.
Looking at international cyber conflict, Sino-American quarrels over IP theft (a US concern) and censorship evasion (a Chinese concern) continue.
Cyberrioting flares from Southwest Asia, where Armenian and Turkish hacktivists attack each other's governments' sites amid mutual resentment provoked by the Pope calling the Armenian genocide "genocide." Other hacktivists, nominally pro-Palestinian but whose work looks more like that of script-kiddie skids, deface sites in India and Malaysia.
An Anonymous faction claims to have compromised the World Trade Organization.
Rutgers University continues to recover from a cyber attack disclosed last week.
US Cyber Command issued a request for proposals as it seeks to outsource some $475 million in work, a partial response to a labor market that's pinching security operations in both public and private enterprises.
The US Commerce Department plans a May cyber trade mission to Poland and Romania.