DeFi Daily News
Wednesday, July 1, 2026
Advertisement
  • Cryptocurrency
    • Bitcoin
    • Ethereum
    • Altcoins
    • DeFi-IRA
  • DeFi
    • NFT
    • Metaverse
    • Web 3
  • Finance
    • Business Finance
    • Personal Finance
  • Markets
    • Crypto Market
    • Stock Market
    • Analysis
  • Other News
    • World & US
    • Politics
    • Entertainment
    • Tech
    • Sports
    • Health
  • Videos
No Result
View All Result
DeFi Daily News
  • Cryptocurrency
    • Bitcoin
    • Ethereum
    • Altcoins
    • DeFi-IRA
  • DeFi
    • NFT
    • Metaverse
    • Web 3
  • Finance
    • Business Finance
    • Personal Finance
  • Markets
    • Crypto Market
    • Stock Market
    • Analysis
  • Other News
    • World & US
    • Politics
    • Entertainment
    • Tech
    • Sports
    • Health
  • Videos
No Result
View All Result
DeFi Daily News
No Result
View All Result
Home Other News Tech

Researchers discover bug allowing fake pilots to be added to TSA check rosters

Wes Davis by Wes Davis
September 8, 2024
in Tech
0 0
0
Researchers discover bug allowing fake pilots to be added to TSA check rosters
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on Telegram
Listen to this article

A pair of security researchers, Ian Carroll and Sam Curry, made a startling discovery regarding a vulnerability in the login systems used by the Transportation Security Administration (TSA) to verify airline crew members at airport security checkpoints. This bug allowed individuals with basic knowledge of SQL injection to manipulate the systems, potentially granting unauthorized access to airline rosters and security checkpoints, posing a serious threat to airline safety and security.

Carroll and Curry uncovered the vulnerability while investigating a third-party website belonging to FlyCASS, a vendor that provides access to the TSA’s Known Crewmember (KCM) and Cockpit Access Security System (CASS) for smaller airlines. By inserting a simple apostrophe into the username field, they triggered a MySQL error, indicating that the username was directly inserted into the login SQL query, making it susceptible to SQL injection attacks.

Upon further investigation, Carroll and Curry confirmed the presence of SQL injection and were able to exploit the vulnerability using tools like sqlmap. By inputting specific credentials, they managed to gain administrator access to the FlyCASS system, granting them unrestricted control over airline crew records and photos.

Once inside the system, Carroll noted that there were no additional security checks or authentication measures in place, allowing them to freely manipulate crew records and photos for any airline using FlyCASS. This posed a grave security risk, as unauthorized individuals could potentially exploit the vulnerability to gain access to secure airport areas, compromising airline safety protocols.

In response to these findings, TSA press secretary R. Carter Langston denied the severity of the issue, stating that the agency does not solely rely on the compromised database for flight crew authentication. Langston reassured the public that only verified crew members are granted access to secure airport areas, downplaying the potential risks associated with the vulnerability.

<DeFi Daily News> is your go-to source for the latest updates and trending news articles in the world of decentralized finance. Stay informed and stay ahead of the curve with DeFi Daily News!

In conclusion, the discovery of this vulnerability in the TSA’s login systems highlights the critical importance of robust cybersecurity measures in aviation and transportation industries. The ease with which Carroll and Curry were able to exploit the system underscores the need for continuous vigilance and proactive security protocols to safeguard sensitive data and infrastructure from potential threats. While the TSA’s response may downplay the severity of the issue, it serves as a stark reminder of the ever-evolving nature of cyber threats and the constant need for organizations to prioritize cybersecurity practices and risk mitigation strategies. By staying informed and adopting best practices in cybersecurity, we can help mitigate the risks posed by vulnerabilities like the one uncovered by Carroll and Curry, ensuring the safety and security of critical systems and services.



Source link

Tags: AddedAllowingbugCheckDiscoverFakepilotsResearchersrostersTSA
ShareTweetShare
Previous Post

#1 Secret To True Wealth [BitBoy Crypto Sunday Sermon]

Next Post

Experts Predict Legal Challenges for Meme Coin Takeover Teams – Decrypt

Next Post
Experts Predict Legal Challenges for Meme Coin Takeover Teams – Decrypt

Experts Predict Legal Challenges for Meme Coin Takeover Teams - Decrypt

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search

No Result
View All Result
  • Trending
  • Comments
  • Latest
rewrite this title Will the Next Bilt Credit Card Please Stand Up? – NerdWallet

rewrite this title Will the Next Bilt Credit Card Please Stand Up? – NerdWallet

March 18, 2025
Gutfeld: This is the ‘biggest crime story I’ve ever seen’

Gutfeld: This is the ‘biggest crime story I’ve ever seen’

September 27, 2024
rewrite this title Justin Sun Eats  Million Banana

rewrite this title Justin Sun Eats $6 Million Banana

November 29, 2024
‘DELUSIONAL’: Biden reportedly regrets dropping out of 2024 race

‘DELUSIONAL’: Biden reportedly regrets dropping out of 2024 race

December 29, 2024
rewrite this title and make it good for SEOBattle Lines For Fed Independence Are Being Drawn As FOMC Pauses Interest Rate Cuts (SPX)

rewrite this title and make it good for SEOBattle Lines For Fed Independence Are Being Drawn As FOMC Pauses Interest Rate Cuts (SPX)

January 31, 2025
‘DISGUSTING’: Homan puts Dem governor on blast

‘DISGUSTING’: Homan puts Dem governor on blast

June 20, 2025
rewrite this title and make it good for SEOGold prices today, Wednesday, July 1: Prices remain below ,100, but could have plenty of room to rise

rewrite this title and make it good for SEOGold prices today, Wednesday, July 1: Prices remain below $4,100, but could have plenty of room to rise

July 1, 2026
rewrite this title Citizens Financial: Strong Bullish Thesis Continues, As Margins And Resilience Improve

rewrite this title Citizens Financial: Strong Bullish Thesis Continues, As Margins And Resilience Improve

July 1, 2026
rewrite this title with good SEO Crypto Becomes America’s Top Corporate Political Donor With 9 Million Poured Into 2026 Midterms

rewrite this title with good SEO Crypto Becomes America’s Top Corporate Political Donor With $189 Million Poured Into 2026 Midterms

July 1, 2026
rewrite this title 25 Halloween Costumes You Can Make In 10 Minutes From Your Closet – Penny Pinchin’ Mom

rewrite this title 25 Halloween Costumes You Can Make In 10 Minutes From Your Closet – Penny Pinchin’ Mom

July 1, 2026
rewrite this title 5 safety tips to keep you out of the emergency room this summer

rewrite this title 5 safety tips to keep you out of the emergency room this summer

July 1, 2026
rewrite this title Goliath Ventures CEO Pleads Guilty to 0M Crypto Ponzi Scheme – Decrypt

rewrite this title Goliath Ventures CEO Pleads Guilty to $250M Crypto Ponzi Scheme – Decrypt

July 1, 2026
DeFi Daily

Stay updated with DeFi Daily, your trusted source for the latest news, insights, and analysis in finance and cryptocurrency. Explore breaking news, expert analysis, market data, and educational resources to navigate the world of decentralized finance.

  • About Us
  • Blogs
  • DeFi-IRA | Learn More.
  • Advertise with Us
  • Disclaimer
  • Privacy Policy
  • DMCA
  • Cookie Privacy Policy
  • Terms and Conditions
  • Contact us

Copyright © 2024 Defi Daily.
Defi Daily is not responsible for the content of external sites.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Cryptocurrency
    • Bitcoin
    • Ethereum
    • Altcoins
    • DeFi-IRA
  • DeFi
    • NFT
    • Metaverse
    • Web 3
  • Finance
    • Business Finance
    • Personal Finance
  • Markets
    • Crypto Market
    • Stock Market
    • Analysis
  • Other News
    • World & US
    • Politics
    • Entertainment
    • Tech
    • Sports
    • Health
  • Videos

Copyright © 2024 Defi Daily.
Defi Daily is not responsible for the content of external sites.