Critical Vulnerability Found in Airport Security System

https://ian.sh/tsa A significant security flaw has been discovered in FlyCASS, a web-based service used by some airlines to manage the Known Crewmember (KCM) program and the Cockpit Access Security System (CASS). The vulnerability could have potentially allowed...

FIDO Security Token YubiKey 5 Vulnerable to Cloning Attacks

https://ninjalab.io/wp-content/uploads/2024/09/20240903_eucleak.pdf A new side-channel vulnerability has been discovered in the YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard. This vulnerability allows attackers...
Research Study: Where’s The Worst Place to Leave Your Secrets

Research Study: Where’s The Worst Place to Leave Your Secrets

What’s the worst place to leave your secrets? – Research into what happens to AWS credentials that are left in public places Researchers deployed digital tripwires disguised as AWS credentials in various public locations online to see how quickly threat actors would...