Connect with us

Hi, what are you looking for?

Tech News

Researchers say a bug let them add fake pilots to rosters used for TSA checks

A collection of warning signs, bugs, and notifications emulating malware or a cyber attack. The images are placed in a connected web against a blue background.
Illustration by Carlo Cadenas / The Verge

A pair of security researchers say they discovered a vulnerability in login systems for records that the Transportation Security Administration (TSA) uses to verify airline crew members at airport security checkpoints. The bug let anyone with a “basic knowledge of SQL injection” add themselves to airline rosters, potentially letting them breeze through security and into the cockpit of a commercial airplane, researcher Ian Carroll wrote in a blog post in August.

Carroll and his partner, Sam Curry, apparently discovered the vulnerability while probing the third-party website of a vendor called FlyCASS that provides smaller airlines access to the TSA’s Known Crewmember (KCM) system and Cockpit Access Security System (CASS). They found that…

Continue reading…

You May Also Like

Editor's Pick

In this StockCharts TV video, Mary Ellen reviews the broader markets after last week’s rate-cut induced rally. She also shares stocks that are breaking out...

World News

When our ruling classes speak of “believing in democracy,” they are speaking of a romantic version of a form of governance that, in real...

Editor's Pick

Adam N. Michel Tax policy has taken on an outsized role in this year’s presidential campaign and was mentioned repeatedly in the recent presidential...

Editor's Pick

David J. Bier New numbers from the Census Bureau’s mini-census, the American Community Survey (ACS), show that the immigrant population is increasing but is...