this post was submitted on 31 Aug 2024
50 points (98.1% liked)

Security News

2436 readers
1 users here now

founded 1 year ago
MODERATORS
jerry@infosec.pub
50
Researchers find SQL injection to bypass airport TSA security checks (www.bleepingcomputer.com)
submitted 1 month ago by IllNess@infosec.pub to c/securitynews@infosec.pub
3 comments fedilink hide all child comments
 

Researchers Ian Carroll and Sam Curry discovered the vulnerability in FlyCASS, a third-party web-based service that some airlines use to manage the Known Crewmember (KCM) program and the Cockpit Access Security System (CASS). KCM is a Transportation Security Administration (TSA) initiative that allows pilots and flight attendants to skip security screening, and CASS enables authorized pilots to use jumpseats in cockpits when traveling.

Definitions:

SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution.

-Wikipedia

you are viewing a single comment's thread
view the rest of the comments
[–] fubarx@lemmy.ml 17 points 1 month ago

Security theater: Shoes and belts off.

Security circus: Pilot Captain Bobby Tables.