United Airlines – WindowsTechs.com

Only 24 hours left to save $100 on TC Sessions: Enterprise 2019

Posted on August 8, 2019 by Emma Comeau

Heads up all you enterprising enterprise software startuppers. You have only 24 hours before the price goes up on tickets to TC Sessions: Enterprise 2019. Save $100 and join us in San Francisco on September 5 — along with some of the industry’s top founders, CEOs, investors and technologists. Buy your early-bird ticket before 11:59 […] Continue reading Only 24 hours left to save $100 on TC Sessions: Enterprise 2019→

Supply Chain Security: Managing a Complex Risk Profile

Posted on December 12, 2018 by Lindsey O'Donnell

Experts sound off on how companies can work with their third-party suppliers and partners to secure the end-to-end supply chain. Continue reading Supply Chain Security: Managing a Complex Risk Profile→

What Is Your Bank’s Security Banking On?

Posted on March 6, 2018 by BrianKrebs

A large number of banks, credit unions and other financial institutions just pushed customers onto new e-banking platforms that asked them to reset their account passwords by entering a username plus some other static identifier — such as the first six digits of their Social Security number, or a mix of partial SSN, date of birth or surname. Here’s a closer look at what may be going on (spoiler: small, regional banks and credit unions have grown far too reliant on the whims of just a few major online banking platform providers).

You might think it odd that any self-respecting financial institution would seek to authenticate customers via static data like partial SSN for passwords, and you’d be justified for thinking that, too. Nobody has any business using these static identifiers for authentication because it’s all for sale on most Americans quite easily and cheaply in the cybercrime underground. The Equifax breach might have “refreshed” some of those data stores for identity thieves, but most U.S. adults have had their static details on sale for years now.

On Feb. 16, KrebsOnSecurity reader Brent Hoeft shared a copy of an email he’d just received from his financial institution Associated Bank, which at $30+ billion in assets happens to be Wisconsin’s largest by asset size. Continue reading What Is Your Bank’s Security Banking On?→

Why It’s Still A Bad Idea to Post or Trash Your Airline Boarding Pass

Posted on August 24, 2017 by BrianKrebs

An October 2015 piece published here about the potential dangers of tossing out or posting online your airline boarding pass remains one of the most-read stories on this site. One reason may be that the advice remains timely and relevant: A talk recently given at a Czech security conference advances that research and offers several reminders of how being careless with your boarding pass could jeopardize your security or even cause trip disruptions down the road. Continue reading Why It’s Still A Bad Idea to Post or Trash Your Airline Boarding Pass→

News in brief: United cockpit codes leaked online; WhatsApp fined; Netflix pulled from rooted phones

Posted on May 15, 2017 by Kate Bevan

Your daily round-up of some of the other stories in the news Continue reading News in brief: United cockpit codes leaked online; WhatsApp fined; Netflix pulled from rooted phones→

Student cybervandal earns $300,000 for hacking US Airlines

Posted on September 20, 2016 by Lisa Vaas

The student who formerly hacked a rival school is now getting $300,000 worth of air miles from United Airlines’ Bug Bounty Program. Continue reading Student cybervandal earns $300,000 for hacking US Airlines→

United Airlines Sets Minimum Bar on Security

Posted on August 24, 2016 by BrianKrebs

United Airlines has rolled out a series of updates to its Web site that the company claims will help beef up the security of customer accounts. But at first glance, the core changes — moving from a 4-digit PINs to password and requiring customers to pick five different security questions and answers — may seem like a security playbook copied from Yahoo.com, circa 2009. Here’s a closer look at what’s changed in how United authenticates customers, and hopefully a bit of insight into what the nation’s fourth-largest airline is trying to accomplish with its new system. Continue reading United Airlines Sets Minimum Bar on Security→

Teen hacker flies to Black Hat on his one million free airmiles

Posted on August 10, 2016 by Lisa Vaas

The biggest payout from United Airlines for his 20+ bugs was a 250,000 mile reward for an undisclosed flaw. Continue reading Teen hacker flies to Black Hat on his one million free airmiles→

2 Hackers Win Over 1 Million Air Miles each for Reporting Bugs in United Airlines

Posted on August 9, 2016 by Mohit Kumar

Two computer hackers have earned more than 1 Million frequent-flyer miles each from United Airlines for finding and reporting multiple security vulnerabilities in the Airline’s website.

Olivier Beg, a 19-year-old security researcher from the Netherlan… Continue reading 2 Hackers Win Over 1 Million Air Miles each for Reporting Bugs in United Airlines→

19-year-old wins one million airmiles after finding United Airlines bugs

Posted on August 8, 2016 by Graham Cluley

Vulnerability researcher Olivier Beg from Amsterdam has been handsomely rewarded with one million airmiles by United Airlines, after finding some 20 security holes in the company’s software.
As the Dutch Broadcast Foundation reports, the 19-year-old ha… Continue reading 19-year-old wins one million airmiles after finding United Airlines bugs→