ARINC SelfServ vMUSE devices are down in airports worldwide, they do self service check in. They’re connected to navAviNet aka ARINC Ground Network, managed by Collins Aerospace, who are owned by RTX.
An attacker got onto the shared network.
-
RTX is Raytheon btw, a large cybersecurity provider. Looking into it.. but so far, looks like e-crime.
-
The systems impacted are in ARINC Multi-User System Environment (MUSE™) aka Rockwell Collins’ ARINC vMUSE™. This is like the corporate centipede of acquisitions!
-
Shodan dork if you wanna rubberneck:
org:"ARINC INCORPORATED"
6x AnyConnect VPN boxes offline
-
BBC good reporting on the ground impact
In theory it should be minimal but in practice airlines have automated many jobs so we’ll see.
-
@GossiTheDog Given how much airlines are pushing people towards self service check-in and as a result how few staff they have on check-in desks in some cases…
I’m not sure it will be quite such a minimal impact
-
@cirriustech @GossiTheDog agree, this will likely expand in short time.
-
The media are reporting this is impacting 3 airports, but it's actually more - the 3 airports are main transport hubs so building up backlogs (eg Heathrow is at 50% delayed flights now) but there's others, they're just smaller.
-
The most surprising element so far is ARINC didn't tell Heathrow it was cyber related for almost 15 hours.
-
@cirriustech @GossiTheDog here are the “top ten” airports using vMUSE. See any you recognize in Europe as listed in current incident ;)
1. London Heathrow (LHR)
2. Glasgow Airport (GLA)
3. Berlin Schönefeld (SXF)
4. Dublin Airport (DUB)
5. Cork Airport (ORK)
6. Cologne Bonn Airport (CGN)
7. Mazatlán International Airport (Mexico)
8. Zihuatanejo International Airport (Mexico)
9. Monterrey International Airport (Mexico)
10. Velana International Airport (Maldives)
-
If any journalists want a list of top impacted airports to check: https://infosec.exchange/@nieldk/115237394885804514
BBC have Dublin and Cork added.
-
ARINC collect passenger biometric data on vMUSE, which is the system which has been impacted (the user identity database in particular, hence why airline staff can't log in either).
-
Here’s where it began this time yesterday, before the whole thing tumbled off a cliff.
-
honey i've opened the door to 1998
-
ARINC hope to have vMUSE back online shortly, they’re restoring their Windows environment from backup. Somebody got Domain Admin and totalled it.
-
ARINC are flying engineers out to airports to try to fix terminals.
Brussels airport, EBBR, have issued this NOTAM: “AD LTD DUE TO AN IT SYSTEM DISRUPTION. AIRLINES ARE TO CANCEL 50 PERCENT OF THEIR DEPARTING PASSENGER FLIGHTS IN THIS TIMEFRAME”
-
The ARINC incident continues https://www.bbc.co.uk/news/articles/cwy88857llno
Also for anybody interested, ARINC is where the cyber incident is.
ARINC were basically the OG airport network provider, from 1929. ARINC were sold to Carlyle Group (private equity) in 2007, who sold them to Rockwell Collins in 2013, who sold to United Technologies in 2018, who merged to form Collins Aerospace. Their network looks a mess of US corporate shenanigans… webmail doesn’t even require https yet 😅
-
Worth noting that airplanes are incredibly safe and resilient after extensive regulation and open and transparent investigations of every air incident…
when you land on the ground, however, air travel is caught in the same cybersecurity bullshit every other industry is caught up in.
-
The incident continues https://www.bbc.co.uk/news/articles/cqjeej85452o
-
The ARINC incident is likely to continue through the week. They haven’t yet got the threat out of the network.