Lucene search
+L

46 matches found

Schneier on Security
Schneier on Security
added 2023/06/06 11:17 a.m.36 views

Snowden Ten Years Later

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. But I had a more personal involvement as well. I wrote the essay below in September 2013. The New Yorker agreed to publish it, but the Guardian asked me not to...

7.1AI score
Exploits0
Qualys Blog
Qualys Blog
added 2023/05/10 7:9 p.m.18 views

New TSA Cybersecurity Emergency Action Rule Impacts Cybersecurity and Compliance

On March 7, 2023, in the wake of President Joe Biden’s National Cybersecurity Strategy announcement, the U.S. Transportation Security Administration TSA issued a cybersecurity emergency action amendment for certain regulated airport and aircraft operators. The new Action Rule can have significant...

7.3AI score
Exploits0
Talos Blog
Talos Blog
added 2022/07/14 6:0 p.m.13 views

Threat Source newsletter (July 14, 2022) — Are virtual IDs worth the security risk of saving a few seconds in the TSA line?

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. I’ve started flying again on a somewhat regular basis now that work conferences and out-of-state vacations are becoming a thing again. I took about 18 months or so off flying during the peak of the pandemic, but now...

6.9AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2022/04/09 1:0 p.m.8 views

TSA’s Terrorist Watch List Comes for Amtrak Passengers

Plus: Microsoft seizes Russian GRU domains, Cash App’s data breach, and Obama’s disinfo admission...

2.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/03/26 6:24 p.m.21 views

tsa-algerie.com Cross Site Scripting vulnerability OBB-2449627

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Wired Threat Level
Wired Threat Level
added 2022/03/19 1:0 p.m.9 views

TSA’s First Crack at Guarding Pipelines From Hackers Falls Short

Plus: Anonymous dedicates a hack to Hillary Clinton, Google researchers expose Exotic Lily, and more...

2.5AI score
Exploits0
ThreatPost
ThreatPost
added 2021/09/02 11:28 a.m.15 views

Digital State IDs Start Rollouts Despite Privacy Concerns

Apple has unveiled the first eight states that will roll out digital IDs and drivers licenses on its mobile devices, despite critics’ concerns that the introduction of purely digital forms of identification will raise privacy, security and equanimity issues. Arizona and Georgia will be the first...

6.4AI score
Exploits0References12
Malwarebytes
Malwarebytes
added 2021/05/25 8:7 p.m.38 views

Colonial Pipeline attack spurs new rules for critical infrastructure

Following a devastating cyberattack on the Colonial Pipeline, the Transportation Security Administration—which sits within the government’s Department of Homeland Security—will issue its first-ever cybersecurity directive for pipeline companies in the United States, according to exclusive reporti...

7.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2020/03/16 2:31 p.m.36 views

TSA Admits Liquid Ban Is Security Theater

The TSA is allowing people to bring larger bottles of hand sanitizer with them on airplanes: Passengers will now be allowed to travel with containers of liquid hand sanitizer up to 12 ounces. However, the agency cautioned that the shift could mean slightly longer waits at checkpoint because the...

0.8AI score
Exploits0
ThreatPost
ThreatPost
added 2020/02/25 2:52 p.m.70 views

Sen. Schumer Pushes for TSA Employee Ban on TikTok App at Work

The Transportation Safety Authority TSA has become the latest federal agency to ban the use of TikTok among its employees based on national-security fears over how ByteDance, the Beijing-based company that owns the app, uses the data collected by it. Some TSA employees have used the app to create...

0.2AI score
Exploits0References10
CISA
CISA
added 2019/11/04 12:0 a.m.9 views

CSET Version 9.2 Now Available

The Cybersecurity and Infrastructure Security Agency CISA has released version 9.2 of its Cyber Security Evaluation Tool CSET. CSET is a desktop software tool that guides asset owners and operators through a consistent process for evaluating control system networks as part of a comprehensive...

6.8AI score
Exploits0References1
Schneier on Security
Schneier on Security
added 2018/11/20 12:44 p.m.41 views

The PCLOB Needs a Director

The US Privacy and Civil Liberties Oversight Board is looking for a director. Among other things, this board has some oversight role over the NSA. More precisely, it can examine what any executive-branch agency is doing about counterterrorism. So it can examine the program of TSA watchlists, NSA...

1.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2018/10/03 12:11 p.m.28 views

Terahertz Millimeter-Wave Scanners

Interesting article on terahertz millimeter-wave scanners and their uses to detect terrorist bombers. The heart of the device is a block of electronics about the size of a 1990s tower personal computer. It comes housed in a musician's black case, akin to the one Spinal Tap might use on tour. At t...

0.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2018/08/10 11:10 a.m.25 views

Don't Fear the TSA Cutting Airport Security. Be Glad That They're Talking about It.

Last week, CNN reported that the Transportation Security Administration is considering eliminating security at U.S. airports that fly only smaller planes -- 60 seats or fewer. Passengers connecting to larger planes would clear security at their destinations. To be clear, the TSA has put forth no...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/10/06 4:22 a.m.9 views

tsa-westbound.org Open Redirect vulnerability

Vulnerable URL: http://www.tsa-westbound.org/flashdetection.swf?flashContentURL=https://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 04.01.2018 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2017/05/05 12:35 p.m.24 views

Why Is the TSA Scanning Paper?

I've been reading a bunch of anecdotal reports that the TSA is starting to scan paper separately: A passenger going through security at Kansas City International Airport MCI recently was asked by security officers to remove all paper products from his bag. Everything from books to Post-It Notes,...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2015/09/10 9:13 p.m.13 views

Lockpickers 3D-Printed Master Key for TSA Luggage Locks and BluePrint Leaked Online

Here're a good news and bad news for you. The good news is that if you lose the keys for your TSA-compliant "Travel Sentry" luggage locks then you can just 3D print your very own TSA master keys. The bad news is that anyone can now 3D print their own master keys to open your bags. Yes, the securi...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/05/19 12:0 a.m.32 views

Mandriva Linux Security Advisory : openssl (MDVSA-2014:090)

Updated openssl packages fix security vulnerability : A read buffer can be freed even when it still contains data that is used later on, leading to a use-after-free. Given a race condition in a multi-threaded application it may permit an attacker to inject data from one connection into another or...

4CVSS7.7AI score0.34132EPSS
Exploits0References2
Mageia
Mageia
added 2014/04/23 4:4 p.m.72 views

Updated openssl packages fix CVE-2010-5298

Updated openssl packages fix security vulnerability: A read buffer can be freed even when it still contains data that is used later on, leading to a use-after-free. Given a race condition in a multi-threaded application it may permit an attacker to inject data from one connection into another or...

4CVSS2.2AI score0.34132EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/04/17 12:0 a.m.255 views

Debian Security Advisory DSA 2908-1 (openssl - security update)

Multiple vulnerabilities have been discovered in OpenSSL. The following Common Vulnerabilities and Exposures project ids identify them: CVE-2010-5298 A read buffer can be freed even when it still contains data that is used later on, leading to a use-after-free. Given a race condition in a...

4CVSS7.7AI score0.34132EPSS
Exploits1References1
Rows per page
Query Builder