SQL Injection Attack on Airport Security

Interesting vulnerability:

…a special lane at airport security called Known Crewmember (KCM). KCM is a TSA program that allows pilots and flight attendants to bypass security screening, even when flying on domestic personal trips.

The KCM process is fairly simple: the employee uses the dedicated lane and presents their KCM barcode or provides the TSA agent their employee number and airline. Various forms of ID need to be presented while the TSA agent’s laptop verifies the employment status with the airline. If successful, the employee can access the sterile area without any screening at all…

Are you tracking your cybersecurity implementation?

From May 7 to 12, 2021, the massive Colonial Pipeline refined oil product delivery system ground to a halt. It was the victim of a DarkSide ransomware cyberattack. The Colonial Pipeline delivers about 45% of fuel for the East Coast, including gasoline, diesel fuel, heating oil, jet fuel and fuel used by the military. When […]

The post Are you tracking your cybersecurity implementation? appeared first on Security Intelligence.

No-Fly List Exposed

I can’t remember the last time I thought about the US no-fly list: the list of people so dangerous they should never be allowed to fly on an airplane, yet so innocent that we can’t arrest them. Back when I thought about it a lot, I realized that the TSA’s practice of giving it to every airline meant that it was not well protected, and it certainly ended up in the hands of every major government that wanted it.

The list is back in the news today, having been left exposed on an insecure airline computer. (The airline is CommuteAir, a company so obscure that I’ve never heard of it before.)…

TSA Admits Liquid Ban Is Security Theater

The TSA is allowing people to bring larger bottles of hand sanitizer with them on airplanes: Passengers will now be allowed to travel with containers of liquid hand sanitizer up to 12 ounces. However, the agency cautioned that the shift could mean slightly longer waits at checkpoint because the containers may have to be screened separately when going through security….

Homeland Security sued over secretive use of face recognition

As of June 2019, CBP had processed more than 20 million travelers using facial recognition, civil rights group ACLU says.

Sen. Schumer Pushes for TSA Employee Ban on TikTok App at Work

The Department of Homeland Security and two U.S. military branches already had discontinued use of the app based on concerns over Chinese data-security and censorship practices.

Microsoft OneDrive Personal Vault, Google’s New Privacy and Security Controls, REAL ID Deadline

You’re listening to the Shared Security Podcast, exploring the trust you put in people, apps, and technology…with your host, Tom Eston. In episode 89 for October 7th 2019: Microsoft’s new OneDrive personal vault, updated privacy and s…