{"id":54781,"date":"2023-12-06T14:32:21","date_gmt":"2023-12-06T14:32:21","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35270\/US-Aerospace-Firm-Downed-By-Spearphishing-Attack.html"},"modified":"2023-12-06T14:32:21","modified_gmt":"2023-12-06T14:32:21","slug":"us-aerospace-firm-downed-by-spearphishing-attack","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/","title":{"rendered":"US Aerospace Firm Downed By Spearphishing Attack"},"content":{"rendered":"<p>As news came out over the past several days that the threat actor dubbed AeroBlade conducted espionage by targeting a U.S. aerospace organization via a <a href=\"https:\/\/www.scmagazine.com\/brief\/israel-subjected-to-new-muddywater-spear-phishing-attacks\">spearphishing attack<\/a>, security pros were concerned that American companies still have not learned basic cybersecurity lessons.<\/p>\n<p>&#8220;This is a great example of how the world still does not take cybersecurity seriously enough,\u201d said Roger Grimes, data-driven defense evangelist at KnowBe4. \u201cAerospace is a <a href=\"https:\/\/www.scmagazine.com\/topic\/critical-infrastructure-security\">critical infrastructure industry&nbsp;<\/a>and it should have cybersecurity as strong as any organization. And yet, spear phishing \u2013 which has been around for over three decades \u2013 continues to have consistent exploitation success.\u201d<\/p>\n<p>Grimes said the aerospace industry and other critical industries need to take four basic steps to prevent these phishing attacks: aggressive anti-social engineering training, 100% consistent patching, phishing-resistant multifactor authentication, and strong password policies. \u201cIf the aerospace industry took just those four steps, threats such as AeroBlade would not see continued success,\u201d said Grimes.<\/p>\n<p>In a <a href=\"https:\/\/blogs.blackberry.com\/en\/2023\/11\/aeroblade-on-the-hunt-targeting-us-aerospace-industry\">blog post November 30,<\/a> the BlackBerry Threat Research and Intelligence team explained that the spearphishing attack itself was a weaponized document sent as an email attachment that contained an embedded remote template injection technique and a malicious VBA macro code.<\/p>\n<p>The researchers said evidence suggests that the attacker\u2019s network infrastructure and weaponization became operational around September 2022. BlackBerry assessed with \u201cmedium to high confidence\u201d that the offensive phase of the attack occurred in July 2023.<\/p>\n<p>Here\u2019s how the researchers said the attack was executed (see illustration below): A malicious Microsoft Word document called [redacted].docx was delivered via email spearphishing, which when executed manually by the user, employs a remote template injection to download a second stage file called \u201c[redacted].dotm.\u201d This file in turn executes &#8220;item3.xml,, which creates a reverse shell connecting to &#8220;redacted[.]redacted[.]com&#8221; over port 443.<\/p>\n<figure><img alt loading=\"lazy\" width=\"697\" height=\"418\" decoding=\"async\" data-nimg=\"1\" class=\"MediaItem_img__WJ8V4\" srcset=\"https:\/\/image-optimizer.cyberriskalliance.com\/unsafe\/750x0\/https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/12\/AeroBladeDiagram.png 1x, https:\/\/image-optimizer.cyberriskalliance.com\/unsafe\/1920x0\/https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/12\/AeroBladeDiagram.png 2x\" src=\"https:\/\/image-optimizer.cyberriskalliance.com\/unsafe\/1920x0\/https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/12\/AeroBladeDiagram.png\"><\/figure>\n<p><strong>Why these attacks are more sophisticated than they first appear &nbsp;<\/strong><\/p>\n<p>Callie Guenther, senior manager of cyber threat research at Critical Start explained that the time gap of almost one year between the initial attack and the subsequent offensive phase suggests that the attackers were developing and refining their tools and strategies. Guenther said this indicates a high level of commitment and resources, typical of state-sponsored or highly-organized criminal groups.<\/p>\n<p>Guenther added that the seriousness of these attacks lies in their sophistication, targeted nature, and the potential impact on critical infrastructure and sensitive information. While the initial attack vector was a targeted email scam, the weaponized document used a remote template injection technique, a more sophisticated method compared to traditional phishing attacks. Guenther said this technique involves retrieving a payload from a remote server, which is executed when the victim enables macros in the Microsoft Word document.<\/p>\n<p>\u201cIt&#8217;s is a clever way to bypass some security measures that might catch more straightforward malicious attachments,\u201d said Guenther.<\/p>\n<p>The remote template injection involved deploying a DLL that functions as a reverse shell, explained Guenther. It\u2019s a method used to gain control over a system by forcing it to open a port and communicate with a command-and-control server that lets attackers remotely execute commands on the victim&#8217;s machine. Guenther said the malware had capabilities to enumerate directories, indicating a reconnaissance effort.<\/p>\n<p>\u201cThis is typical in espionage operations where the attackers first assess the value of the data available on the infected host before deciding on their next steps,\u201d said Guenther. \u201cThe DLL used in the attack was heavily obfuscated and equipped with anti-analysis and anti-disassembly features. This makes it difficult for cybersecurity professionals to analyze and understand the malware, a common tactic to delay detection and mitigation. They also used a Task Scheduler for persistence, naming a task \u2018WinUpdate2\u2019 to run daily. This tactic ensures the malware remains active and undetected on the infected system for a prolonged period.\u201d<\/p>\n<p>Donovan Tindill, director of OT cybersecurity at DeNexus, added that the threat actor was patient, having spent nine months in a testing phase before escalating their offensive attack in July 2023. In these more sophisticated campaigns, Tindill said threat actors will seek to learn as much as possible about the organization, including their strengths, weaknesses, financial data, cyber-technical data, vulnerabilities, and passwords.<\/p>\n<p>Tindill said although BlackBerry claims commercial cyber espionage with \u201chigh confidence,\u201d there\u2019s no assurance that the threat-actor will not escalate to ransomware, data encryption, and demand extortion payment in the future. The aerospace sub-industry has also not been identified, such as an airline, airport, or an aircraft manufacturer.<\/p>\n<p>\u201cEach of these subindustries could have a different impact on the aerospace supply chain,\u201d said Tindill. \u201cAerospace organizations are generally very large and have more mature cybersecurity programs. A highly-motivated threat-actor would need to be patient, gather data, and take careful steps to avoid detection to ensure long-term mission success.\u201d<\/p>\n<p>Anurag Gurtu, CPO at StrikeReady, called the AeroBlade attack serious because of the sensitive nature of data held by aerospace companies, including national security details and technology patents. Gurtu added that the techniques employed often involve well-crafted emails and social engineering tactics designed to extract sensitive information or spread malicious software.<\/p>\n<p>\u201cTo counter such threats, it&#8217;s essential for organizations to not only strengthen their cybersecurity defenses, but also to emphasize employee training in identifying and responding to phishing attempts,\u201d said Gurtu. \u201cThis dual approach is crucial in safeguarding against potential breaches that could lead to significant intellectual property loss and national security risks.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35270\/US-Aerospace-Firm-Downed-By-Spearphishing-Attack.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":54782,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[5286],"class_list":["post-54781","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerphish"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>US Aerospace Firm Downed By Spearphishing Attack 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"US Aerospace Firm Downed By Spearphishing Attack 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-06T14:32:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/image-optimizer.cyberriskalliance.com\/unsafe\/1920x0\/https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/12\/AeroBladeDiagram.png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-aerospace-firm-downed-by-spearphishing-attack\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-aerospace-firm-downed-by-spearphishing-attack\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"US Aerospace Firm Downed By Spearphishing Attack\",\"datePublished\":\"2023-12-06T14:32:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-aerospace-firm-downed-by-spearphishing-attack\\\/\"},\"wordCount\":898,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-aerospace-firm-downed-by-spearphishing-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/us-aerospace-firm-downed-by-spearphishing-attack.png\",\"keywords\":[\"headline,hacker,phish\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-aerospace-firm-downed-by-spearphishing-attack\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-aerospace-firm-downed-by-spearphishing-attack\\\/\",\"name\":\"US Aerospace Firm Downed By Spearphishing Attack 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-aerospace-firm-downed-by-spearphishing-attack\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-aerospace-firm-downed-by-spearphishing-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/us-aerospace-firm-downed-by-spearphishing-attack.png\",\"datePublished\":\"2023-12-06T14:32:21+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-aerospace-firm-downed-by-spearphishing-attack\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-aerospace-firm-downed-by-spearphishing-attack\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-aerospace-firm-downed-by-spearphishing-attack\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/us-aerospace-firm-downed-by-spearphishing-attack.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/us-aerospace-firm-downed-by-spearphishing-attack.png\",\"width\":1920,\"height\":1073},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/us-aerospace-firm-downed-by-spearphishing-attack\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,phish\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerphish\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"US Aerospace Firm Downed By Spearphishing Attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"US Aerospace Firm Downed By Spearphishing Attack 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/","og_locale":"en_US","og_type":"article","og_title":"US Aerospace Firm Downed By Spearphishing Attack 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-12-06T14:32:21+00:00","og_image":[{"url":"https:\/\/image-optimizer.cyberriskalliance.com\/unsafe\/1920x0\/https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/12\/AeroBladeDiagram.png","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"US Aerospace Firm Downed By Spearphishing Attack","datePublished":"2023-12-06T14:32:21+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/"},"wordCount":898,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/12\/us-aerospace-firm-downed-by-spearphishing-attack.png","keywords":["headline,hacker,phish"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/","url":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/","name":"US Aerospace Firm Downed By Spearphishing Attack 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/12\/us-aerospace-firm-downed-by-spearphishing-attack.png","datePublished":"2023-12-06T14:32:21+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/12\/us-aerospace-firm-downed-by-spearphishing-attack.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/12\/us-aerospace-firm-downed-by-spearphishing-attack.png","width":1920,"height":1073},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/us-aerospace-firm-downed-by-spearphishing-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,phish","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerphish\/"},{"@type":"ListItem","position":3,"name":"US Aerospace Firm Downed By Spearphishing Attack"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54781","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=54781"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54781\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/54782"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=54781"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=54781"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=54781"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}