17 votes

US airline accidentally exposes ‘No Fly List’ on unsecured server

Posted January 22, 2023 by cfabbro

Tags: usa, aviation, no fly list, terrorist screening database, fbi, watchlists.terrorism, commuteair, hacking, maia arson crimew, security.airport, airlines, technology, transportation security administration, author.mikael thalen, author.david covucci, source.dailydot

https://www.dailydot.com/debug/no-fly-list-us-tsa-unprotected-server-commuteair/

Link information

This data is scraped automatically and may be incorrect.

Authors: Mikael Thalen
Published: Jan 19 2023
Word count: 1274 words

2 comments

cfabbro (OP)
January 22, 2023
Link
The hacker's blog post is also worth a read for the technical nitty gritty: how to completely own an airline in 3 easy steps and grab the TSA nofly list along the way p.s. "NOFLY.CSV" 🤦

The hacker's blog post is also worth a read for the technical nitty gritty:
how to completely own an airline in 3 easy steps and grab the TSA nofly list along the way

p.s. "NOFLY.CSV" 🤦

16 votes
JRandomHacker
January 22, 2023
Link
Pleasantly surprised by the language in this article - they actually seem to accurately describe the mundanity/ease of the "hack", which puts the blame more squarely where it belongs (on the...

Pleasantly surprised by the language in this article - they actually seem to accurately describe the mundanity/ease of the "hack", which puts the blame more squarely where it belongs (on the company that left this server unsecured and publicly accessible)

9 votes