hotels – SSL and internet security news

Security Vulnerability in Saflok’s RFID-Based Keycard Locks

March 27, 2024 infossl

cybersecurity, hacking, hotels, Internet of Things, locks, Security technology, Uncategorized, vulnerabilities

It’s pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of Saflok-brand RFID-based keycard locks sold by the Swiss lock maker … Read More “Security Vulnerability in Saflok’s RFID-Based Keycard Locks” »

Marriott Was Hacked — Again

April 2, 2020 infossl

accountability, breaches, disclosure, hacking, hotels, Security technology

Marriott announced another data breach, this one affecting 5.2 million people: At this point, we believe that the following information may have been involved, although not all of this information was present for every guest involved: Contact Details (e.g., name, mailing address, email address, and phone number) Loyalty Account Information (e.g., account number and points … Read More “Marriott Was Hacked — Again” »

Details of an Airbnb Fraud

November 6, 2019 infossl

fraud, hotels, Security technology

This is a fascinating article about a bait-and-switch Airbnb fraud. The article focuses on one particular group of scammers and how they operate, using the fact that Airbnb as a company doesn’t do much to combat fraud on its platform. But I am more interested in how the fraudsters essentially hacked the complex sociotechnical system … Read More “Details of an Airbnb Fraud” »

Marriott Hack Reported as Chinese State-Sponsored

December 13, 2018 infossl

attribution, china, hacking, hotels, Security technology

The New York Times and Reuters are reporting that China was behind the recent hack of Mariott Hotels. Note that this is still uncomfirmed, but interesting if it is true. Reuters: Private investigators looking into the breach have found hacking tools, techniques and procedures previously used in attacks attributed to Chinese hackers, said three sources … Read More “Marriott Hack Reported as Chinese State-Sponsored” »

Security Vulnerabilities in VingCard Electronic Locks

April 30, 2018 infossl

hacking, hotels, patching, Security technology, vulnerabilities

Researchers have disclosed a massive vulnerability in the VingCard eletronic lock system, used in hotel rooms around the world: With a $300 Proxmark RFID card reading and writing tool, any expired keycard pulled from the trash of a target hotel, and a set of cryptographic tricks developed over close to 15 years of on-and-off analysis … Read More “Security Vulnerabilities in VingCard Electronic Locks” »

IoT Ransomware against Austrian Hotel

January 31, 2017 infossl

bitcoin, hotels, internetofthings, ransomware, Security technology

Attackers held an Austrian hotel network for ransom, demanding $1,800 in bitcoin to unlock the network. Among other things, the locked network wouldn’t allow any of the guests to open their hotel room doors. I expect IoT ransomware to become a major area of crime in the next few years. How long before we see … Read More “IoT Ransomware against Austrian Hotel” »

The Limits of Police Subterfuge

December 18, 2014 infossl

courts, fbi, gambling, hotels, laws, police, privacy, searches, Security technology, socialengineering, surveillance

“The next time you call for assistance because the Internet service in your home is not working, the ‘technician’ who comes to your door may actually be an undercover government agent. He will have secretly disconnected the service, knowing that you will naturally call for help and — when he shows up at your door, … Read More “The Limits of Police Subterfuge” »

FBI Agents Pose as Repairmen to Bypass Warrant Process

November 26, 2014 infossl

courts, fbi, hotels, searches, Security technology, socialengineering, undercover

This is a creepy story. The FBI wanted access to a hotel guest’s room without a warrant. So agents broke his Internet connection, and then posed as Internet technicians to gain access to his hotel room without a warrant. From the motion to suppress: The next time you call for assistance because the internet service … Read More “FBI Agents Pose as Repairmen to Bypass Warrant Process” »

Sophisticated Targeted Attack Via Hotel Networks

November 10, 2014 infossl

adobe, hacking, hotels, kaspersky, malware, Security technology

Kaspersky Labs is reporting (detailed report here, technical details here) on a sophisticated hacker group that is targeting specific individuals around the world. “Darkhotel” is the name the group and its techniques has been given. This APT precisely drives its campaigns by spear-phishing targets with highly advanced Flash zero-day exploits that effectively evade the latest … Read More “Sophisticated Targeted Attack Via Hotel Networks” »