Security Alerts & News
by Tymoteusz A. Góral

#1274 Fake boarding pass app gets hacker into fancy airline lounges
As the head of Poland’s Computer Emergency Response Team, Przemek Jaroszewski flies 50 to 80 times a year, and so has become something of a connoisseur of airlines’ premium status lounges. (He’s a particular fan of the Turkish Airlines lounge in Istanbul, complete with a cinema, putting green, Turkish bakery and free massages.) So when his gold status was mistakenly rejected last year by an automated boarding pass reader at a lounge in his home airport in Warsaw, he applied his hacker skills to make sure he’d never be locked out of an airline lounge again.

The result, which Jaroszewski plans to present Sunday at the Defcon security conference in Las Vegas, is a simple program that he’s now used dozens of times to enter airline lounges all over Europe. It’s an Android app that generates fake QR codes to spoof a boarding pass on his phone’s screen for any name, flight number, destination and class. And based on his experiments with the spoofed QR codes, almost none of the airline lounges he’s tested actually check those details against the airline’s ticketing database—only that the flight number included in the QR code exists. And that security flaw, he says, allows him or anyone else capable of generating a simple QR code to both access exclusive airport lounges and buy things at duty free shops that require proof of international travel, all without even buying a ticket.