It’s pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of Saflok-brand RFID-based keycard locks sold by the Swiss lock maker … Read More “Security Vulnerability in Saflok’s RFID-Based Keycard Locks” »
Category: hotels
Auto Added by WPeMatico
Marriott announced another data breach, this one affecting 5.2 million people: At this point, we believe that the following information may have been involved, although not all of this information was present for every guest involved: Contact Details (e.g., name, mailing address, email address, and phone number) Loyalty Account Information (e.g., account number and points … Read More “Marriott Was Hacked — Again” »
This is a fascinating article about a bait-and-switch Airbnb fraud. The article focuses on one particular group of scammers and how they operate, using the fact that Airbnb as a company doesn’t do much to combat fraud on its platform. But I am more interested in how the fraudsters essentially hacked the complex sociotechnical system … Read More “Details of an Airbnb Fraud” »
The New York Times and Reuters are reporting that China was behind the recent hack of Mariott Hotels. Note that this is still uncomfirmed, but interesting if it is true. Reuters: Private investigators looking into the breach have found hacking tools, techniques and procedures previously used in attacks attributed to Chinese hackers, said three sources … Read More “Marriott Hack Reported as Chinese State-Sponsored” »
Researchers have disclosed a massive vulnerability in the VingCard eletronic lock system, used in hotel rooms around the world: With a $300 Proxmark RFID card reading and writing tool, any expired keycard pulled from the trash of a target hotel, and a set of cryptographic tricks developed over close to 15 years of on-and-off analysis … Read More “Security Vulnerabilities in VingCard Electronic Locks” »
Attackers held an Austrian hotel network for ransom, demanding $1,800 in bitcoin to unlock the network. Among other things, the locked network wouldn’t allow any of the guests to open their hotel room doors. I expect IoT ransomware to become a major area of crime in the next few years. How long before we see … Read More “IoT Ransomware against Austrian Hotel” »
“The next time you call for assistance because the Internet service in your home is not working, the ‘technician’ who comes to your door may actually be an undercover government agent. He will have secretly disconnected the service, knowing that you will naturally call for help and — when he shows up at your door, … Read More “The Limits of Police Subterfuge” »
This is a creepy story. The FBI wanted access to a hotel guest’s room without a warrant. So agents broke his Internet connection, and then posed as Internet technicians to gain access to his hotel room without a warrant. From the motion to suppress: The next time you call for assistance because the internet service … Read More “FBI Agents Pose as Repairmen to Bypass Warrant Process” »
Kaspersky Labs is reporting (detailed report here, technical details here) on a sophisticated hacker group that is targeting specific individuals around the world. “Darkhotel” is the name the group and its techniques has been given. This APT precisely drives its campaigns by spear-phishing targets with highly advanced Flash zero-day exploits that effectively evade the latest … Read More “Sophisticated Targeted Attack Via Hotel Networks” »