CyberSecurityBoard
Sponsor Register Login

TSA Issues Security Directive to Airports and Carriers After No-Fly List Leak

The Transportation Security Administration (TSA) has issued a security directive to all U.S. airports and air carriers, warning them of the need for more stringent cybersecurity protections following the leak of the federal No-fly list. A Swiss national recently published a blog post explaining that a copy of the No-fly list from 2019 was left exposed on an unsecured server, alongside other sensitive data from CommuteAir, a regional airline under United Airlines. The TSA has reached out to all domestic airlines to alert them of the potential for further breaches. The security directive reinforces existing requirements on handling sensitive security information and personally identifiable information. The agency has ordered the carriers to review their systems and take immediate action to ensure files are protected. The TSA is working with other federal agencies to investigate the issue. CommuteAir notified the government of the breach on January 18 and noted that none of the agency's systems were affected. Researchers found a November dark web post from the Endurance ransomware group that claimed a database of employee information had been stolen from the company. In their letter to victims of both data breaches, the company said it is working with Mandiant to modernize their systems and investigate the incidents. Rep. Dan Bishop and Committee on Homeland Security Chairman Mark Green sent a letter to TSA Administrator David Pekoske demanding answers about how the hacker was able to access versions of the Federal Terrorist Screening Dataset, as well as a version of the No-fly list. The White House has organized meetings with aviation industry leaders in recent months as it seeks to bolster cybersecurity protections in key sectors. Another congressman has called for federal agencies to investigate cybersecurity vulnerabilities in all systems underpinning air travel. A recent report found that there were 62 ransomware attacks on global aviation stakeholders in 2020 alone, and the value of ransom demands broke records in 2021. The European Air Traffic Management Computer Emergency Response Team found the number of reported cyberattacks among airline industry organizations grew 530% from 2019 to 2020.

This Cyber News was published on therecord.media. Publication date: Mon, 30 Jan 2023 22:01:03 +0000


Cyber News related to TSA Issues Security Directive to Airports and Carriers After No-Fly List Leak

U.S. No Fly List Breach: Government Investigating - A U.S. No Fly list with over 1.5 million records of banned flyers and upwards of 250,000 selectees has been shared publicly on a hacking forum. BleepingComputer has confirmed the list is the same TSA No Fly list that was discovered recently on an ...
1 year ago Bleepingcomputer.com
TSA Issues Security Directive to Airports and Carriers After No-Fly List Leak - The Transportation Security Administration (TSA) has issued a security directive to all U.S. airports and air carriers, warning them of the need for more stringent cybersecurity protections following the leak of the federal No-fly list. A Swiss ...
1 year ago Therecord.media
TSA U.S. No Fly List Leaked on Hacking Forum - It was recently discovered that a U.S. No Fly list, containing over 1.5 million records of banned flyers and 250,000 selectees has been found published on a hacking forum. According to BleepingComputer, its the same TSA No Fly list that was found on ...
1 year ago Heimdalsecurity.com
Congressman Coming for Answers After No-Fly List Hack - U.S. Congressman Bennie Thompson is demanding answers from airlines and the federal government after a "massive hack" of the no-fly list. The congressman sent a letter to the airlines and the Department of Homeland Security asking for an explanation ...
1 year ago Therecord.media
How Cisco and Wipro are Improving the Airport Experience - The airport experience can be hectic, overwhelming, and stressful. Travelers are navigating long security lines, struggling to arrive at their gate on time, and enduring inevitable flight delays that can make for an unrelaxing start to vacation. As ...
6 months ago Feedpress.me
US No-Fly List Found on the Internet - Internet security is an ever-growing concern, especially in the current climate where hackers and other malicious actors often have access to vast amounts of data. The latest example of this was recently discovered by security researchers, who found ...
1 year ago Hackread.com
Cyber Security Managed Services 101 - Benefits of an MSP. Maximizing efficiency. Cyber threats and cyberattacks like ransomware targeting SMBs continue to increase in part because malicious actors realize these organizations don't have the means or manpower for security teams. Even ...
1 year ago Trendmicro.com
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
6 months ago Feeds.dzone.com
FCC reminds mobile phone carriers they must do more to prevent SIM swaps - The Federal Communications Commission is warning mobile phone service providers to ensure they are shielding customers from cybercriminals who use fraudulent SIM swaps to take over unwitting victims' mobile phone accounts. The warning comes on the ...
6 months ago Therecord.media
How to Keep Cyberattacks From Taking Off - COMMENTARY. Over the last three years, the global aviation industry has been left reeling by a post-pandemic sucker punch that hit the sector with over $185 billion in losses. Once a bastion of American prosperity, airlines were forced into survival ...
7 months ago Darkreading.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
6 months ago Esecurityplanet.com
DHS Awards UAA to Launch New ADAC-ARCTIC Center of Excellence - S&T will provide ADAC-ARCTIC $46 million over a 10-year cooperative agreement to establish this Research Center portfolio for Homeland Security in the Arctic. Vital insights from academic-led innovative research will help the Department of Homeland ...
5 months ago Americansecuritytoday.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
6 months ago Microsoft.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
4 months ago Esecurityplanet.com
Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals - Fly Catcher is an open-source device that can detect aircraft spoofing by monitoring for malicious ADS-B signals in the 1090MHz frequency. Angelina Tsuboi, the developer of Fly Catcher, is an enthusiastic pilot, cybersecurity researcher, and ...
5 months ago Helpnetsecurity.com
Five business use cases for evaluating Azure Virtual WAN security solutions - To help organizations who are evaluating security solutions to protect their Virtual WAN deployments, this article considers five business use cases and explains how Check Point enhances and complements Azure security with its best-of-breed, ...
1 month ago Blog.checkpoint.com
IaaS vs PaaS vs SaaS Security: Which Is Most Secure? - Security concerns include data protection, network security, identity and access management, and physical security. While IaaS gives complete control and accountability, PaaS strikes a compromise between control and simplicity, and SaaS provides a ...
6 months ago Esecurityplanet.com
10 Best Security Service Edge Solutions - Security Service Edge is an idea in cybersecurity that shows how network security has changed over time. With a focus on customized solutions, Security Service Edge Solutions leverages its expertise in multiple programming languages, frameworks, and ...
4 months ago Cybersecuritynews.com
IaaS Security: Top 8 Issues & Prevention Best Practices - Understanding the risks, advantages, and best practices connected with IaaS security is becoming increasingly important as enterprises shift their infrastructure to the cloud. By exploring the top eight issues and preventative measures, as well as ...
6 months ago Esecurityplanet.com
What Is Cloud Security Management? Types & Strategies - Cloud security management is the process of safeguarding cloud data and operations from attacks and vulnerabilities through a set of cloud strategies, tools, and practices. The cloud security manager and the IT team are generally responsible for ...
1 month ago Esecurityplanet.com
The Art of Securing Cloud-Native Mobile Applications - We will explore the dynamic intersection of cloud-native architecture and mobile application security, delving into the strategies and best practices essential for safeguarding sensitive data, ensuring user privacy, and fortifying against emerging ...
6 months ago Feeds.dzone.com
Major Mexican airport confirms experts are working to address cyberattack - One of the highest-traffic airports in Mexico said it is responding to a cyberattack. The Querétaro Intercontinental Airport - about three hours from Mexico City - confirmed reports that it had been attacked by hackers, posting a notice on social ...
7 months ago Therecord.media
The Imperative for Zero Trust in a Cloud-Native Environment - The security policy is dynamically updated with the changes of users, devices, data and external risks. Due to the dynamic, containerized and microservice characteristics of cloud-native environments, traditional boundary security protection policies ...
6 months ago Securityboulevard.com
Konica Minolta Wins Two Platinum 'ASTORS' Homeland Security Awards - ' Now in its ninth year, it continues to recognize industry leaders in physical and border security, cybersecurity, emergency preparedness management and response, law enforcement, first responders, and federal, state, and municipal government ...
3 months ago Americansecuritytoday.com
Gaining Insights on the Top Security Conferences - A Guide for CSOs - Are you a CSO looking for the best security events around the world? Well, you have come to the right place! This article is a guide to the top security conferences that offer essential security insights to help make informed decisions. Security ...
1 year ago Csoonline.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)