Cyber Bits: September 2

This week, we take a look at SQLi vulnerabilities within TSA software, researchers being sued for forwarding breach data to media outlets, and a staggering 200+ victims of RansomHub's Ransomware-as-a-Service.

SQL Injection Vulnerability in TSA Security System

Link: Bleeping Computer

Researchers discovered a critical SQL injection vulnerability in the FlyCASS system, used by some airlines to manage the TSA's Known Crewmember (KCM) and Cockpit Access Security System (CASS). This flaw could allow attackers to bypass airport security checks and gain unauthorized access to aircraft cockpits. The vulnerability was reported to the Department of Homeland Security, leading to the disconnection of FlyCASS from the KCM/CASS system as a precaution. Despite the severity of the issue, the TSA downplayed its impact, stating that "other vetting processes would prevent unauthorized access". This comment was removed after security researchers showed additional information countering these claims.

Researcher Sued for Sharing Ransomware Data

Link: Bleeping Computer

A security researcher faces a lawsuit for allegedly sharing data that had been stolen during a ransomware attack with the media. The lawsuit underscores the legal and ethical challenges that can arise when researchers handle sensitive data obtained through illicit means, even when the intent is to expose vulnerabilities or inform the public. The case also raises questions about how severe the stolen data really is, given that the Mayor initially claimed it was inconsequential.

FBI Report on RansomHub Ransomware

Link: Bleeping Computer

The FBI reports that the RansomHub ransomware group has breached 210 victims since February 2024. RansomHub has targeted a wide range of industries, leveraging the threat of exposing stolen data to extort ransom payments. The group's activity is underlined by its transition from exporting data to selling it to the highest bidder should negotiations fall through.
