Aviation giant suffers data leak

Safran Group, the French-based multinational aviation company, left itself at risk of cyberattacks due to a misconfiguration of its systems.

Safran Group is known for its manufacture of surface-to-air defense systems and missiles, collaboration with Airbus, and supplying cutting-edge technologies beyond aviation, for example, the James Webb Telescope.

The Cybernews research team discovered an exposed environment (.env) file and assessed that it was publicly available for around a year and a half.

Threat actors could abuse the leaked data in the following ways:

• Decrypt cookies, hijack the session and the account;

• Create an admin account and have privileged access to a website;

• Get into the company’s database, take control over its systems, move around and access confidential documents or damage their equipment;

• Send emails and trick people into giving away sensitive information.

As per Cybernews, the aviation industry is a prime target for cybercriminals, and experts have seen a significant increase in cyberattacks against this critical industry.