Anyone with basic knowledge of SQL injection could login to this site and add anyone they wanted to KCM and CASS, allowing themselves to both skip security screening and then access the cockpits of commercial airliners.

  • Telorand@reddthat.com
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    4 months ago

    Bruh, it’s 2024, and banks still don’t have app-based or hardware-based TOTP.

    I get that upgrading can be hard, but when you’re safeguarding people’s lives or money (and also PII), I don’t understand how it’s not a legal mandate that you have to meet certain basic security thresholds.

    Edit: typo