Connect with us

Hi, what are you looking for?

CrazyFlux.comCrazyFlux.com

Tech News

Researchers say a bug let them add fake pilots to rosters used for TSA checks

A collection of warning signs, bugs, and notifications emulating malware or a cyber attack. The images are placed in a connected web against a blue background.
Illustration by Carlo Cadenas / The Verge

A pair of security researchers say they discovered a vulnerability in login systems for records that the Transportation Security Administration (TSA) uses to verify airline crew members at airport security checkpoints. The bug let anyone with a “basic knowledge of SQL injection” add themselves to airline rosters, potentially letting them breeze through security and into the cockpit of a commercial airplane, researcher Ian Carroll wrote in a blog post in August.

Carroll and his partner, Sam Curry, apparently discovered the vulnerability while probing the third-party website of a vendor called FlyCASS that provides smaller airlines access to the TSA’s Known Crewmember (KCM) system and Cockpit Access Security System (CASS). They found that…

Continue reading…

You May Also Like

Editor's Pick

Vanessa Brown Calder On the campaign trail last week, former President Trump promised that under a future Trump administration, “government will pay” or “your...

Editor's Pick

Clark Packard The US-China relationship is the most important and complex bilateral relationship in the world today. How these two superpowers interact is a...

Editor's Pick

Walter Olson The Electoral College is out of favor these days not only among scholars and commentators but also with the general public. Why...

Editor's Pick

In this video from StockCharts TV, Julius takes a look at rotations in an asset allocation RRG. He compares fixed-income-related asset classes, commodities, the...