
How Hackers Breached 3 Million Hotel Keycard Locks

 

The Unsaflok hack technique has raised concerns about the security of Saflok hotel locks. This sophisticated method exploits vulnerabilities in Saflok's system, potentially compromising the safety of guests and the reputation of hospitality establishments. 

The Unsaflok hack technique, first uncovered by security researchers, demonstrates how cybercriminals can exploit weaknesses in the Saflok electronic locking system to gain unauthorized access to hotel rooms. By leveraging a combination of hardware and software tools, hackers can bypass the locks' security mechanisms, granting them entry without leaving any visible signs of tampering. 

The implications of such a breach are profound. Beyond the immediate security risks to guests and their belongings, a compromised locking system can tarnish a hotel's reputation and lead to financial losses. Moreover, the trust between guests and hospitality providers, essential for maintaining customer loyalty, can be severely undermined. 

To mitigate the risks associated with the Unsaflok hack technique and similar threats, hotel operators must take proactive steps to enhance their security measures. Firstly, conducting a thorough assessment of existing locking systems to identify vulnerabilities is crucial. This includes examining both hardware and software components for any weaknesses that could be exploited by hackers. Implementing robust access control measures is essential for safeguarding against unauthorized entry. This may involve upgrading to newer, more secure locking systems that incorporate advanced encryption techniques and tamper-resistant features. 

Additionally, deploying intrusion detection systems and surveillance cameras can help detect and deter unauthorized access attempts in real-time. Regular security audits and penetration testing can provide valuable insights into the effectiveness of existing security measures and identify areas for improvement. By staying vigilant and proactive in addressing potential vulnerabilities, hotel operators can minimize the risk of falling victim to cyberattacks and protect the safety and privacy of their guests.

Furthermore, fostering a culture of cybersecurity awareness among staff members is critical. Employees should receive comprehensive training on identifying and reporting suspicious activities, as well as adhering to best practices for safeguarding sensitive information. By empowering staff to play an active role in cybersecurity defense, hotels can create a more resilient security posture. 

The Unsaflok hack technique highlights the importance of robust cybersecurity measures in the hospitality industry. By understanding the vulnerabilities inherent in electronic locking systems and taking proactive steps to enhance security, hotels can mitigate the risks posed by cyber threats and ensure the safety and satisfaction of their guests. Ultimately, investing in cybersecurity is not just a matter of protecting assets; it's a commitment to maintaining trust and reputation in an increasingly digital world.

Air Canada Exposes the Personal Details of 20000 Customers



Air Canada suffered a security breach that exposed the personal details of approximately 1% (i.e. 20,000 users) of the airline's customers. The matter came to light when the airline detected unauthorized access to its mobile application and posted a notice about it on its official website on the 28th of August 2018.

The company said that it had "observed odd log-in behaviour" occurring between August 22-24.

Apart from any sensitive data that users may have stored, the attackers also had access to passport numbers and expiry dates, passport country of issuance, NEXUS numbers, and basic profile data: gender, dates of birth, nationality and country of residence.

The company stated that credit card numbers were not affected by the breach, but still advised customers to keep an eye on all of their transactions.

As an additional precaution, Air Canada locked all Air Canada mobile application accounts in order to protect its customers' data.

As a result, each of the 1.7 million customers of Air Canada will have to sign in to the app again. Besides notifying the customers affected by the breach, Air Canada is looking for further ways to reassure customers and is sending them emails with directions for resetting their logins.



Mozilla Extirpates 23 Firefox Add-Ons




Yesterday, Mozilla removed 23 Firefox add-ons that snooped on users and sent their data to remote servers, as reported by Bleeping Computer.

The blocked add-ons include "Web Security," a security-centric add-on with more than 220,000 users, which was found sending users' browsing histories to a server located in Germany and was at the centre of a controversy this week.

At the time, Mozilla engineers promised to audit the add-on's behaviour. Following the initial report, however, several users reported other add-ons showing identical data collection patterns, some of which sent data to the same server as "Web Security".

"The mentioned add-on has been taken down, together with others after I conducted a thorough audit of [the] add-ons, these add-ons are no longer available at AMO and [have been] disabled in the browsers of users who installed them," says Mozilla Browser Engineer and Add-on reviewer, Rob Wu.

True to its word, as a quick test showed, Mozilla disabled the Web Security add-on in a Firefox instance that Bleeping Computer had used for tests two days earlier, and users of any of the blocked add-ons are shown a warning message.



A bug report lists all 23 add-ons by their IDs rather than by their names; even so, Bleeping Computer has tracked down the names of some of the add-ons.

Besides Web Security, the blocked add-ons include Browser Security, Browser Privacy, and Browser Safety. These sent data to the same server as Web Security, located at 136.243.163.73.

According to a list provided to Bleeping Computer by Wu, other banned add-ons include:

YouTube Download & Adblocker Smarttube
Popup-Blocker
Facebook Bookmark Manager
Facebook Video Downloader
YouTube MP3 Converter & Download
Simply Search
Smarttube - Extreme
Self-Destroying Cookies
Popup Blocker Pro
YouTube - Ad block
Auto Destroy Cookies
Amazon Quick Search
YouTube Adblocker
Video Downloader
Google No Track
Quick AMZ

More than 500,000 users had at least one of these add-ons installed in their Firefox browser.
In the warning message, Mozilla directs users to this page for clarification:

Sending user data to remote servers unnecessarily, and potential for remote code execution. Suspicious account activity for multiple accounts on AMO.


Attackers Targeting DLink DSL Modem Routers; Exploiting Them To Change The DNS Settings




Recent research has found attackers targeting DLink DSL modem routers in Brazil in order to change their DNS settings, which then lets them redirect users trying to connect to their online banks to fake banking websites that steal the users' account information.

According to the research by Radware, the exploit lets the attackers scan for vulnerable routers and script changes to large numbers of them, so that the users' DNS settings point to a DNS server under the attackers' control.

[Figure: Example of fake cloned bank site (Source: Radware)]
[Figure: Certificate warning on fake site]

When a user tries to connect to a website on the internet, their computer first queries a DNS server to resolve a hostname like www.google.com to an IP address like 172.217.11.36.
The computer then connects to this IP address and starts the desired connection. By changing the name servers used on the router, attackers divert users to fake, malicious sites without their knowledge and lead them to believe that these sites are legitimate and trustworthy.
The malicious URL takes the following form:

/dnscfg.cgi?dnsPrimary=&dnsSecondary=&dnsDynamic=0&dnsRefresh=1

The exploit permits unauthenticated remote configuration of the DNS server settings on the modem router.

Radware’s research stated that – “The uniqueness about this approach is that the hijacking is performed without any interaction from the user, phishing campaigns with crafted URLs and malvertising campaigns attempting to change the DNS configuration from within the user’s browser have been reported as early as 2014 and throughout 2015 and 2016. In 2016, an exploit tool known as RouterHunterBr 2.0 was published on the internet and used the same malicious URLs, but there are no reports that Radware is aware of currently of abuse originating from this tool."

The researchers state that the attack is insidious because the user is completely unaware of the change: the hijacking works without crafting or changing URLs in the user's browser.

A user can use any browser and their usual shortcuts, type the URL in manually, or even browse from a mobile device such as a smartphone or tablet, and will still be sent to the malicious site instead of the site they requested, because the hijacking effectively works at the gateway level.

Radware therefore recommends that users check their router's configured DNS servers with the http://www.whatsmydnsserver.com/ website, so that they can determine for themselves whether any servers look suspicious because they were not assigned by their internet service provider.
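On the network side, the same check can be run over HTTP access logs: any request to /dnscfg.cgi that sets resolvers the ISP did not assign deserves a look. The following is an added example, not code from Radware or from the original post; the log format (common/combined access log), the sample lines and the resolver addresses are constructed assumptions using documentation-range IPs.

```python
import re
from ipaddress import ip_address
from urllib.parse import urlsplit, parse_qs

# Assumption: the resolvers your ISP actually assigns (placeholders here).
EXPECTED_RESOLVERS = {ip_address("192.0.2.53"), ip_address("192.0.2.54")}

# Pulls the client address and request target out of an access-log line.
REQUEST_RE = re.compile(r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample log lines, not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Aug/2018:03:12:44 +0000] "GET /dnscfg.cgi?dnsPrimary=203.0.113.10'
    '&dnsSecondary=203.0.113.11&dnsDynamic=0&dnsRefresh=1 HTTP/1.1" 200 512',
    '192.168.1.20 - - [10/Aug/2018:03:13:02 +0000] "GET /index.html HTTP/1.1" 200 1043',
    '192.168.1.20 - - [10/Aug/2018:03:14:10 +0000] "GET /dnscfg.cgi?dnsPrimary=192.0.2.53'
    '&dnsSecondary=192.0.2.54&dnsDynamic=0&dnsRefresh=1 HTTP/1.1" 200 512',
]

def _is_expected(value, expected):
    try:
        return ip_address(value) in expected
    except ValueError:
        return False  # empty or malformed values are never an expected resolver

def find_dns_change_requests(lines, expected=EXPECTED_RESOLVERS):
    """Return one finding per request that sets DNS servers through /dnscfg.cgi."""
    findings = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.lower().endswith("/dnscfg.cgi"):
            continue
        params = parse_qs(url.query, keep_blank_values=True)
        requested = params.get("dnsPrimary", []) + params.get("dnsSecondary", [])
        unexpected = [v for v in requested if not _is_expected(v, expected)]
        findings.append({"source": m["src"], "requested": requested, "unexpected": unexpected})
    return findings

if __name__ == "__main__":
    for f in find_dns_change_requests(SAMPLE_LOG):
        status = "ALERT" if f["unexpected"] else "ok"
        print(status, f["source"], f["requested"])
```

A finding with a non-empty `unexpected` list means the router was asked to use resolvers outside the ISP's set; a request from an address outside the LAN is suspicious even when the resolvers match.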

Hackers Target Travel Firm to Plunder Hundreds of Thousands from Clients




Cyber criminals have targeted the travel firm Booking.com in a bid to steal hundreds of thousands of pounds from customers.

Customers were sent WhatsApp and text messages claiming a security breach that meant they needed to change their password.

However, the link gave the attackers access to the bookings, and they then sent follow-up messages requesting full payment for holidays in advance, with false bank details provided.

David Watts, a marketing manager from Newcastle, received a WhatsApp message but recognized it as a scam. He stated: "It looked exceptionally reasonable and I can now believe how people fell for it."

The messages seemed genuine because they included individuals' personal information, including their names, addresses, telephone numbers, dates and booking prices, as well as reference numbers.




A Staggering Leak Results in 1.5 billion Sensitive Data and Records Made Public


According to new research by risk intelligence and cyber security firm Digital Shadows, 1.5 billion sensitive and personal records have been made public online for anybody to look at.

The records, which range from medical archives to financial data, such as payslips, are "openly accessible" for anybody - even those with limited technical knowledge, the report said.

These documents were found over the first three months of 2018, with the firm finding more than one and a half billion (1,550,447,111, to be exact) records exposed across various misconfigured file-sharing services, overshadowing even 2016's Panama Papers leak.

Worth stressing for those in the UK, the security analysts said that an incredible 36 per cent of those exposed records were located in the European Union.

Rafael Amado, Digital Shadows' strategy and research, said in an interview that while the "sheer quantity of unprotected data was staggering, the quality of the data was really interesting too".

He explained that confidential corporate information was also part of the leak, including details of products that haven't been released yet. He gave the example of a point-of-sale terminal that was leaking information on customer transactions, times, places, and substantial parts of credit card numbers.

Germany was evidently the worst offender in Europe for data exposure levels, followed by France, Italy and then the UK.

However, the US turned out to be the biggest culprit: the report found that it was the worst country for leaking data globally, with 200 million sensitive records ready to be seen by anybody interested enough to look.

Amado blamed the data leakage on the poor security practices of businesses, which he said ought to be more vigilant about how they store and protect their assets and how they use file-sharing protocols and servers, since failing to do so makes it easier for hackers and rival companies to take their important data.

French Security Researcher Claims Personal Security Breach Of Users By PM Modi’s Android App.


Since everybody nowadays is more accustomed to doing everything digitally rather than manually, the use of applications and other technological shortcuts is very common. It is still a shock for any user to learn that their personal data is being transmitted to a third party without their consent, and what is more distressing here is that the app held responsible is the Narendra Modi app, the personal mobile application of the Prime Minister of India, Narendra Modi.

French security researcher Elliot Alderson has claimed that the app is sharing users' private information with a third-party US company, CleverTap, without their consent. Alderson shared a series of tweets claiming that when users create a profile on the Narendra Modi Android app, their device information as well as personal data is sent to a third-party domain called in.wzrkt.com, which apparently belongs to the US company.



To confirm whether this privacy breach occurred, Alt News investigated PM Modi's Android app. They used a popular piece of software called Charles to intercept the data between the phone and the outside world, so as to ascertain whether the user's phone was communicating with a particular website.

Charles lets one view all the HTTP and SSL/HTTPS traffic between a machine and the Internet.

To verify the researcher's claim, Alt News installed the Narendra Modi Android app and created a profile. After registering, they found that the app was sending data over the Internet, which they captured using Charles. There they saw that personal information such as name, email id, gender, telecom operator type and more was indeed being shared with the website in.wzrkt.com.

Here, the email id pratik@xyzabc.com that Alt News entered during registration has been sent to in.wzrkt.com.

This is a significant finding, as security issues related to the sharing of personal information are becoming more and more common, and this is not the first time that Elliot Alderson has made such a claim.
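The verification Alt News describes can be automated: enter distinctive "canary" values at registration, capture the traffic, then search every request bound for a host outside the app's own domain for those values. The following is an added example, not Alt News's or the researcher's code; it assumes the capture was exported in HAR (HTTP Archive) format, and the capture contents, the first-party host app-backend.example and the name and phone values are constructed.

```python
import json
from urllib.parse import urlsplit, unquote_plus

# Constructed HAR-style capture, not real traffic; hosts ending in .example are placeholders.
SAMPLE_HAR = json.dumps({"log": {"entries": [
    {"request": {"method": "POST", "url": "https://app-backend.example/api/register",
                 "postData": {"text": "name=Pratik+Sample&email=pratik%40xyzabc.com"}}},
    {"request": {"method": "POST", "url": "https://in.wzrkt.com/a1?os=Android",
                 "postData": {"text": '{"profile":{"Name":"Pratik Sample",'
                                      '"Email":"pratik@xyzabc.com","Gender":"M"}}'}}},
    {"request": {"method": "GET", "url": "https://cdn.example/logo.png"}},
]}})

def third_party_disclosures(har_text, first_party_suffixes, canaries):
    """Return (host, canary label) pairs where a canary value was sent to a non-first-party host."""
    hits = []
    for entry in json.loads(har_text)["log"]["entries"]:
        req = entry["request"]
        host = (urlsplit(req["url"]).hostname or "").lower()
        if any(host == s or host.endswith("." + s) for s in first_party_suffixes):
            continue  # traffic to the app's own backend is expected
        # Search URL and body, raw and URL-decoded, case-insensitively.
        raw = req["url"] + "\n" + req.get("postData", {}).get("text", "")
        haystack = (raw + "\n" + unquote_plus(raw)).lower()
        for label, value in canaries.items():
            if value.lower() in haystack and (host, label) not in hits:
                hits.append((host, label))
    return hits

if __name__ == "__main__":
    canaries = {"email": "pratik@xyzabc.com", "name": "Pratik Sample", "phone": "5550100"}
    for host, label in third_party_disclosures(SAMPLE_HAR, ["app-backend.example"], canaries):
        print(f"{label} sent to third-party host {host}")
```

Plain substring matching only catches values sent in clear or URL-encoded form inside the decrypted capture; hashed or otherwise encoded values need their own canary variants.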