TSA
-
Blog
TSA failed to meet pipeline cybersecurity recommendations, says US government watchdog
The Transportation Security Administration (TSA), part of the US Department of Homeland Security (DHS), has been accused of failing to implement several key cybersecurity recommendations to improve the security of the transportation sector. A report from the US Government Accountability Office (GAO) criticized the TSA after it found four of the six cybersecurity recommendations it made to the agency in…
Read More » -
Blog
/cdn.vox-cdn.com/uploads/chorus_asset/file/23249791/VRG_ILLO_STK001_carlo_cadenas_cybersecurity_virus.jpg)
Researchers say a bug let them add fake pilots to rosters used for TSA checks
A pair of security researchers say they discovered a vulnerability in login systems for records that the Transportation Security Administration (TSA) uses to verify airline crew members at airport security checkpoints. The bug let anyone with a “basic knowledge of SQL injection” add themselves to airline rosters, potentially letting them breeze through security and into the cockpit of a commercial…
Read More » -
Blog
Researchers find SQL injection to bypass airport TSA security checks
Security researchers have found a vulnerability in a key air transport security system that allowed unauthorized individuals to potentially bypass airport security screenings and gain access to aircraft cockpits. Researchers Ian Carroll and Sam Curry discovered the vulnerability in FlyCASS, a third-party web-based service that some airlines use to manage the Known Crewmember (KCM) program and the Cockpit Access Security…
Read More »