cyber Cyber Attack

Safran

Oct 7, 2023 1 min read
Safran

The Cybernews investigative team recently found that Safran, a worldwide aviation firm with headquarters in France, was leaking critical data as a result of incorrect system settings.

The company was exposed to a long-term danger of cyberattacks because of the vulnerability.

When Cybernews contacted Safran Group about the leak discovered by researchers, the misconfiguration had already been corrected.

The JSON Web Token (JWT) key, MySQL credentials, and Simple Mail Transfer Protocol (SMTP) credentials for the "no-reply" email were among the sensitive data that were stolen.

Source: https://securityaffairs.com/143505/security/safran-group-leaks-sensitive-data.html

TPRM report: https://scoringcyber.rankiteo.com/company/safran

"id": "saf04481023",
"linkid": "safran",
"type": "Data Leak",
"date": "03/2023",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Aviation',
                        'location': 'France',
                        'name': 'Safran',
                        'type': 'Corporation'}],
 'attack_vector': 'Misconfiguration',
 'data_breach': {'type_of_data_compromised': ['JWT key',
                                              'MySQL credentials',
                                              'SMTP credentials']},
 'description': 'The Cybernews investigative team recently found that Safran, '
                'a worldwide aviation firm with headquarters in France, was '
                'leaking critical data as a result of incorrect system '
                'settings. The company was exposed to a long-term danger of '
                'cyberattacks because of the vulnerability. When Cybernews '
                'contacted Safran Group about the leak discovered by '
                'researchers, the misconfiguration had already been corrected. '
                'The JSON Web Token (JWT) key, MySQL credentials, and Simple '
                "Mail Transfer Protocol (SMTP) credentials for the 'no-reply' "
                'email were among the sensitive data that were stolen.',
 'impact': {'data_compromised': ['JWT key',
                                 'MySQL credentials',
                                 'SMTP credentials']},
 'post_incident_analysis': {'corrective_actions': 'Misconfiguration corrected',
                            'root_causes': 'Incorrect System Settings'},
 'references': [{'source': 'Cybernews'}],
 'response': {'remediation_measures': 'Misconfiguration corrected'},
 'title': 'Safran Data Leak Due to Misconfiguration',
 'type': 'Data Leak',
 'vulnerability_exploited': 'Incorrect System Settings'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.