Hackers Show Vulnerabilities of RFID-Based Hotel Door Locks

In a scenario that feels lifted from Ocean's Eleven, a group of hackers has shown the vulnerabilities of RFID-based locks using nothing more than a hotel room keycard.

A team of security researchers recently revealed a hotel keycard hacking technique they call Unsaflok. The technique exposes a collection of security vulnerabilities that would allow a hacker to open several models of Saflok-brand RFID-based keycard locks sold by lock maker Dormakaba.

The Saflok systems are installed on three million doors worldwide, inside 13,000 properties in 131 countries.

The Hackers' Story

As detailed in a story published on Wired, researchers Ian Carroll and Lennert Wouters exploited weaknesses in both Dormakaba's encryption and the underlying RFID system the locks use, known as MIFARE Classic.

They started by obtaining any keycard from a target hotel—new or used—in order to read a certain code from that card with a $300 RFID read-write device. After writing two keycards of their own, they were able to first rewrite a certain piece of the lock’s data and then open it.

“Two quick taps and we open the door,” said Wouters, a researcher in the Computer Security and Industrial Cryptography group at the KU Leuven University in Belgium. “And that works on every door in the hotel.”

Dormakaba Solution

Wouters and Carroll shared the full technical details of their hacking technique with Dormakaba in November 2022. Dormakaba says that it’s been working since early last year to make hotels that use Saflok aware of their security flaws and to help them fix or replace the vulnerable locks.

For many of the Saflok systems sold in the last eight years, there’s no hardware replacement necessary for each individual lock. Instead, hotels will only need to update or replace the front desk management system and have a technician carry out a relatively quick reprogramming of each lock, door by door.

But Dormakaba has reportedly only updated 36 percent of installed Safloks. Given that the locks aren’t connected to the internet and some older locks will still need a hardware upgrade, they say the full fix will still likely take months…

Source…

How ‘The Morning Show’ Season 3 Rewrites the 2014 Sony Hack

Source…

Feds Fear Flipper Zero Use by Far-Right, Documents Show


Police departments in major cities have been put on alert over the Flipper Zero hacking tool and expressed concern over its potential use by racially motivated extremists, documents obtained by the Daily Dot show.

In an April 6, 2023 bulletin from the South Dakota Fusion Center (SDFC), which compiles and shares intelligence with law enforcement regarding perceived domestic threats, warnings were given about the possibility of extremist groups seeking to utilize the popular device.

“The NYPD Intelligence and Counterterrorism Bureau (ICB) assesses that racially and ethnically motivated violent extremists (REMVEs) may seek to exploit the hacking capabilities of a new cyber penetration tester, known as the Flipper Zero, in order to bypass access control systems,” the bulletin states.

REMVEs are described as any “loosely organized movement of individuals and groups that espouse some combination of racist, anti-Semitic, xenophobic, Islamophobic, misogynistic, and homophobic ideology,” a report from the Rand Corporation states.

“The majority of REMVE actors are motivated by cultural nationalism or White supremacy—beliefs that Caucasian or ‘Aryan’ peoples represent superior races, and that ‘White culture’ is superior to other cultures,” the report adds.

In the intelligence bulletin, which the Daily Dot obtained through the Freedom of Information Act (FOIA), the NYPD ICB is said to be monitoring discussions of the Flipper Zero on the messaging app Telegram among groups such as “domestic and international hackers, hobbyists, doomsday preppers, and most notably, REMVEs and accelerationists.”

The Flipper Zero is a portable digital multi-tool that can hack everything from radio protocols to access control systems. The device is capable of cloning RFID cards, such as those used to open hotel rooms, and has been shown to be able to bypass the security on certain brands of electronic safes. While the device is able to perform some impressive feats, its capabilities have also been greatly exaggerated in staged TikTok videos.

While the NYPD ICB admits that it has not observed REMVEs “explicitly discuss the potential for Flipper Zero…

Source…

JBS’s cybersecurity was unusually poor prior to 2021 ransomware attack, internal homeland security records show


Key takeaways

* JBS’s cybersecurity was “outside the typical range” for food production companies, experts told the federal government following the 2021 attack. (JBS did not respond to requests for comment.)

* Experts said the range of devices connected to the internet at food companies leaves them vulnerable.

* It’s difficult to gather information on cyberattacks, and they happen more often than is reported, experts said.

A May 30, 2021, ransomware attack on JBS, one of the world’s largest meat companies, disrupted the company’s operations internationally and ended when the company paid an $11 million ransom to Russian hacker group REvil. 

While food production companies are potentially lucrative targets for cyberattacks, JBS was poorly protected against them compared to similar companies, according to cybersecurity experts.

The food and agriculture industry is designated as a Critical Infrastructure Sector by the U.S. Department of Homeland Security, meaning its “incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety.”

The whole industry is vulnerable to attacks like the one on JBS — and they happen quietly and often, according to John Hoffman, senior research fellow at the Food Protection and Defense Institute at the University of Minnesota. 

In the aftermath of the JBS ransomware attack, a representative of cybersecurity risk management firm BitSight told national security officials that JBS had “many many issues” with its computer system.

“Overall rating was poor and outside the typical range for Food Production companies,” wrote BitSight Vice President Jake Olcott in a June 2, 2021, email to Jeffrey Greene, who served as the National Security Council chief of cyber response and policy at the time. 

The emails obtained by Investigate Midwest via a public records request shed light on the federal government’s and private industry’s response to the JBS attack. 

“We’ve observed a massive number of malware infections on JBS over the last year (including Conficker),” Olcott wrote in the email. “JBS has been…

Source…