Tag Archive for: video

Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds (Video)

/in


https://www.vecteezy.com/photo/24543747-hand-using-keycard-for-smart-digital-door-lock-while-open-or-close-the-door-at-home-or-apartment-nfc-technology-fingerprint-scan-pin-number-smartphone-and-contactless-lifestyle-conceptshttps://www.vecteezy.com/photo/24543747-hand-using-keycard-for-smart-digital-door-lock-while-open-or-close-the-door-at-home-or-apartment-nfc-technology-fingerprint-scan-pin-number-smartphone-and-contactless-lifestyle-concepts

When thousands of security researchers descend on Las Vegas every August for what’s come to be known as “hacker summer camp,” the back-to-back Black Hat and Defcon hacker conferences, it’s a given that some of them will experiment with hacking the infrastructure of Vegas itself, the city’s elaborate array of casino and hospitality technology.

But at one private event in 2022, a select group of researchers were actually invited to hack a Vegas hotel room, competing in a suite crowded with their laptops and cans of Red Bull to find digital vulnerabilities in every one of the room’s gadgets, from its TV to its bedside VoIP phone.

One team of hackers spent those days focused on the lock on the room’s door, perhaps its most sensitive piece of technology of all. Now, more than a year and a half later, they’re finally bringing to light the results of that work: a technique they discovered that would allow an intruder to open any of millions of hotel rooms worldwide in seconds, with just two taps.

Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of Saflok-brand RFID-based keycard locks sold by the Swiss lock maker Dormakaba. The Saflok systems are installed on 3 million doors worldwide, inside 13,000 properties in 131 countries.

By exploiting weaknesses in both Dormakaba’s encryption and the underlying RFID system Dormakaba uses, known as MIFARE Classic, Carroll and Wouters have demonstrated just how easily they can open a Saflok keycard lock. Their technique starts with obtaining any keycard from a target hotel—say, by booking a room there or grabbing a keycard out of a box of used ones—then reading a certain code from that card with a $300 RFID read-write device, and finally writing two keycards of their own. When they merely tap those two cards on a lock, the first rewrites a certain piece of the lock’s data, and the second opens it.

“Two quick taps and we open the door,” says Wouters, a researcher in the…

Source…

TikTok Shock As Viral Video Hack Freezes Screens—2 Ways To Fix It

/in


TikTok users are discovering a new and unwanted type of viral video craze over the Easter weekend: a hack that prevents them from scrolling backward or forwards, effectively freezing the app. Here’s what’s happening and how to fix it.

TikTok In The News, Again

TikTok has been in the news recently thanks to the proposed ban using the app for U.S. users unless owners ByteDance divest the U.S. operation. The highest earning app in the world, TikTok’s February revenue was $189 million. With an estimated 1.7 billion users in 2023, it is also one of the most popular largely thanks to the viral videos and crazes it has seen posted over the years.

But there is one viral trend on TikTok that certainly is not very popular among its users. The videos that are part of this craze appear to freeze the ability to scroll the screen in any direction, leaving users with no other option than to restart the app. However, it’s important to note that appearances can be deceiving, and not everything is as it seems at first glance.

MORE FROM FORBESThis Popular Google App Will Stop Working In 3 Days-How To Migrate Your DataBy Davey Winder

The TikTok Screen Freeze Hack

Users have been taking to the internet in droves (1, 2, 3) to complain that posts are appearing that lock their TikTok app down, preventing them from scrolling to the previous or next video. Many seem to think that the videos and images in question somehow freeze the app entirely, in effect bricking it for that session, or are even somehow breaking their phones. The truth, as always, is a lot less exciting albeit nonetheless annoying.

The videos, or rather images that look like videos, all contain some glib comment along the lines of “Sorry, I have to stop you from scrolling,” and, at first and second glance, this does appear to be the case.

If you try to swipe up or down, nothing happens; you’ll likely just get your attention drawn to the “I’ve stopped you scrolling” nonsense instead. What appears to be happening is that people have worked out that if you post an image and tag it with an unfeasibly large number of people,…

Source…

🚪 These video doorbells have terrible security, consumer experts warn

/in


On a recent Thursday afternoon, a Consumer Reports journalist received an email containing a grainy image of herself waving at a doorbell camera she’d set up at her back door.

If the message came from a complete stranger, it would have been alarming. Instead, it was sent by Steve Blair, a CR privacy and security test engineer who had hacked into the doorbell from 2,923 miles away.

Blair had pulled similar images from connected doorbells at other CR employees’ homes and from a device in our Yonkers, N.Y., testing lab. While we expected him to gain access to these devices, it was still a bit shocking to see photos of the journalist’s deck and backyard. After all, video doorbells are supposed to help you keep an eye on strangers at the door, not let other people watch you.

Blair was able to capture those images because he and fellow test engineer David Della Rocca had found serious security flaws in this doorbell, along with others sold under different brands but apparently made by the same manufacturer. The doorbells also lack a visible ID issued by the Federal Communications Commission (FCC) that’s required by the agency’s regulations, making them illegal to distribute in the U.S.

Thousands of these video doorbells are sold each month on Amazon and other online marketplaces, including Walmart, Sears, and the globally popular marketplaces Shein and Temu. Experts say they’re just a drop in the flood of cheap, insecure electronics from Chinese manufacturers being sold in the U.S.

Previously, regulators have asserted that thousands of unsafe products, including potentially dangerous children’s sleepwear, carbon monoxide detectors and dietary supplements, have been widely available on Amazon.

“Big e-commerce platforms like Amazon need to take more responsibility for the harms generated by the products they sell,” said Justin Brookman, director of technology policy for CR. “There is more they could be doing to vet sellers and respond to complaints. Instead, it seems like they’re coasting on their reputation and saddling unknowing consumers with broken products.”

Consumer Reports warn of security flaws in certain doorbell cameras (Copyright 2024 by WKMG ClickOrlando -…

Source…

‘Spider-Man 2’ video game studio hit by $2 million ransomware attack

/in



Perpetrators identifying themselves as the Rhysida group demanded a staggering $2 million from Insomniac – the video game studio behind ‘Spider-Man 2’ – as part of a huge ransomware attack.

Source…