In Other News: TSA Wants New Cyber Rules, Scam Call Detection in Android, SIM Swappers Arrested

November 15, 2024 at 08:15AM The TSA is proposing new cybersecurity regulations for pipelines and railroads. Google has introduced scam call detection features for Android devices, and several SIM swappers have been arrested in the US. **Meeting Takeaways:** 1. **TSA Cyber Regulations**: The Transportation Security Administration (TSA) is proposing new cybersecurity rules specifically aimed at … Read more

TSA Proposes Cyber Risk Mandates for Pipelines, Transportation Systems

November 14, 2024 at 09:01PM The TSA has proposed new cybersecurity rules for pipeline, railroad, bus, and public transportation systems, enhancing existing frameworks. Affected operators must implement cyber risk management programs, report incidents, and maintain security measures. This initiative aims to boost cybersecurity resilience, with public comments accepted until February 2, 2025. ### Meeting Takeaways … Read more

CISA Breaks Silence on Controversial ‘Airport Security Bypass’ Vulnerability 

September 6, 2024 at 06:30AM CISA responded to the disclosure of a security vulnerability in FlyCASS, a third-party application related to airport security systems. The issue allowed unauthorized access to the account of a participating airline, potentially compromising security screening and cockpit access. The researchers identified and reported several serious issues, prompting the disabling of … Read more

Tired of airport security queues? SQL inject yourself into the cockpit, claim researchers

August 30, 2024 at 09:35AM Cybersecurity researchers discovered a vulnerability in the Known Crewmember (KCM) and Cockpit Access Security System (CASS) programs, allowing unauthorized access to skip airport security and enter the cockpit of commercial airliners. By exploiting a SQL injection bug in the third-party vendor site FlyCASS, the researchers gained admin access and manipulated … Read more