Robin’s Newsletter #379

21 September 2025. Volume 8, Issue 38
European air travel disrupted by Collins Aerospace attack. Shai-Hulud npm worm infects 180+ packages. Microsoft's Entra ID verification clanger.

This week

Need to Know, 21st September 2025

  • European airport disruption after cyberattack against Collins Aerospace
  • Shai-Hulud software supply-chain worm infects npm packages
  • Microsoft Entra ID vulnerability allowed impersonation of any user on any tenant
  • “No one actually knows” when JLR production will restart
  • Two Scattered Spider teens arrested for TfL cyberattack

Interesting stats

1.5 billion Salesforce records stolen from 760 companies via Salesloft Drift OAuth tokens, according to the ShinyHunters attackers. Perhaps take the figure with a pinch of salt, though there has been a steady stream of large organisations reporting these breaches. LINK

Five things

  1. Collins Aerospace has suffered a cyber-attack against its ‘Muse’ check-in and baggage system, causing delays at some European airports. Brussels Airport has resorted to manual check-in using pen and paper, with “no indication yet” of when systems would be back up and running. British Airways was using a backup system at London Heathrow, where some 47% of flights across the airport were delayed on Saturday. The Muse system enables airlines to share check-in desks and departure gates, eliminating the need for each airline to install dedicated IT equipment. Collins is part of RTX, a group that includes jet engine manufacturer Pratt & Whitney and Raytheon, which provide intelligence, space, and missile systems to the US and its allies. Collins has both civilian and military customers. Notably, though potentially coincidentally, Collins was awarded a NATO contract for an “electromagnetic warfare command and control system” days before the attack. I wonder if in the future we’ll see regulators considering the ‘splash damage’ of attacks against companies supplying dual-use technologies to protect civilian infrastructure? (H/t Will, Brian) DISRUPTION, CONTRACT

  2. Shai-Hulud: Threat actors released a self-replicating worm against the npm platform in a software supply-chain attack. Over 180 packages have been infected. When a developer installs an infected package from the npm registry, the worm runs TruffleHog to scan their system for credentials and API keys, then publishes what it finds to a public GitHub repository. If the developer maintains npm packages themselves, it uses their publishing credentials to push a new version of each of those packages carrying the same malicious payload, infecting whoever installs them next. Uploading the credentials to a public repository is a somewhat chaotic move, although presumably the attacker was primed and ready to capture credentials as they appeared. The attack appears to be an evolution of the s1ngularity attack that occurred earlier this year. Shai-Hulud is a reference to the giant sandworm in Dune. There’s a fairly limited need for package maintainers to have a fully automated publishing mechanism for their projects; requiring a human step, along with a second form of authentication, would effectively halt this type of propagation. WORM, MORE

  3. Entra ID: Earlier this year, security researcher Dirk-jan Mollema discovered a major vulnerability in Microsoft’s Entra ID. A “legacy” Azure AD Graph API didn’t properly validate “Actor Tokens”, used for service-to-service communications, meaning a legitimate token from one tenant could be used to impersonate any user in any other tenant. To Microsoft’s credit, they fixed the issue “within days”; however, these tokens, by their nature, are not subject to protections like Conditional Access, nor do they generate any logs, making it impossible for customers to see if they’ve been used. This was definitely a bullet dodged. Microsoft states that there is no evidence of the vulnerability being exploited, presumably because people expect such trivial checks to be thoroughly tested; however, this could have been a complete nightmare if a malicious actor had discovered it. Fair play to Mollema: I suspect they’d have been paid handsomely for it on the dark market. It’s two years (almost to the week) since Microsoft published its investigation into unauthorised access to its email platform by Chinese/Storm-0558. In that instance, Microsoft wasn’t… properly enforcing security boundaries: enterprise accounts could be accessed using a token signed by a consumer certificate. Back in April, Redmond proudly announced that the equivalent of 34,000 engineers had been working full-time for 11 months on boosting its security posture. ENTRA ID, REPORT, CVE, vol. 6, iss. 37

  4. Jaguar Land Rover: An industry exec who works closely with JLR says “no one actually knows” when production will resume. One estimate puts the financial losses at £3.5 billion ($4.7B) in lost revenue and £250 million ($337M) in lost profit. JLR is part of Indian conglomerate Tata Group, and the automaker’s IT and cyber security were outsourced to fellow group company Tata Consultancy Services (TCS) in 2023 for £800 million. TCS also provides IT to Marks & Spencer and the Co-Op, both of which have suffered incidents this year, though a TCS spokesperson denied in June that TCS’s “systems or users” were compromised. No doubt this is a headache for all parts of the Tata Group. PRODUCTION, TCS

  5. Scattered Spider arrests: UK police have arrested two suspects following last year’s attack on Transport for London. Thalha Jubair, 19, and Owen Flowers, 18, believed to be part of the Scattered Spider cybercrime collective, have been arrested under the Computer Misuse Act. The US Justice Department accuses Jubair of 120 cyberattacks, including against the US Court system. I suspect they’re in for a rough ride. TFL (US)

In brief

  • ⚠️ Incidents: SonicWall is warning customers to reset their credentials after a breach affecting MySonicWall accounts. The incident exposed firewall configuration backup files stored by the company, which should not, on their own, make it possible for an attacker to gain access, but may provide useful insight into customer environments. Google confirmed that a fraudulent account, seemingly created by ‘Scattered Lapsus$ Hunters’, was registered on its law enforcement portal, though the Mountain View company says no requests were submitted from the account. Colt says it intends to “complete the majority of recovery efforts within 8-10 weeks” following a mid-August ransomware attack. The UK telco’s main services are unaffected, though some customer portals and APIs remain inaccessible. SONICWALL, GOOGLE, COLT
  • 💡 Lessons learned: Attackers will look for, and use, recovery keys that you leave lying around, as a SonicWall security engineer found out during a recent incident. Recovery keys can be used to bypass MFA, and should be stored in a password vault or offline, away from your main authentication details. RECOVERY KEYS
  • 🕵️ Threat Intel: ESET says that Russia’s Turla and Gamaredon threat groups are collaborating. While their techniques and targeting tend to differ (the former carries out lower-profile, sophisticated attacks, while the latter conducts wider-scale, more easily detectable ones), they are both units of the same Russian agency: the FSB. RUSSIA
  • 🪲 Vulnerabilities: OpenAI’s Deep Research agent is susceptible to prompt injections buried within email content, with researchers from Radware proving (via a verbose instruction) that it can be encouraged to look up HR data and exfiltrate it to attacker-controlled sites. Fortra’s GoAnywhere file transfer appliance has a ‘perfect 10’ command injection vulnerability. CVE-2025-10035 (10/10) is similar to a vulnerability patched two years ago. OPEN AI, FORTRA (ADVISORY)
  • 🧑‍💻 End user and consumer: Reminder that Windows 10 reaches end of life in a few weeks. After 14th October 2025, Microsoft will provide no further security, bug, or feature updates, unless you cough up extra ($30 for home, and $61 for business customers) for a further 12 months of support. Alternatively, some may have paid big bucks for Win 10 Enterprise LTSC (Long-Term Servicing Channel), though that too runs out, on 9th January 2029. WIN10
  • 🛠️ Security engineering: Maybe it’s finally time we ditched CAPTCHAs? ChatGPT can be tricked into completing these tasks, potentially rendering obsolete a technique meant to stop bots and spam which, in practice, puts a disproportionate burden on humans rather than on machines. CHATGPT
  • 📜 Policy & Regulation: Italy has passed an artificial intelligence law that introduces prison sentences of up to five years for creating deepfakes or manipulating content if it causes harm, or longer where perpetrators use AI to commit crimes, such as fraud and identity theft. Children under the age of 14 will need parental consent to use AI tools. The law, which aligns to the EU’s AI Act, also introduces venture funding for Italian AI, cyber, and telco firms. AI LAW
  • 👮 Law Enforcement: A Labour politician has been charged over the Westminster honey trap WhatsApp messages. The messages, which aimed to solicit sexually explicit images of Members of Parliament, had been speculated to be the work of Chinese espionage, as they came in the wake of a government warning of Chinese targeting. HONEY TRAP (vol. 7, iss. 14)

And finally

  • TUI’s website quoted a holidaymaker from Hampshire £11.5 million for a week-long holiday to Malta this week. Occasional website and pricing errors occur, but this one caught my eye because a representative from TUI told the BBC that it was because Sandra Nicklin’s quote had been confused with “purchasing the resort along with naming rights to the pool”. I’d expect those to be two or three very different systems altogether. If the error were reversed, you could be in for a real estate bargain, with the ‘holiday price’ quoted to buy the whole resort (or is that a Jet2 Holiday?) TUI
Robin