Mosfet Corley„A team of […] security researchers are revealing a #hotel #keycard hacking technique they call #Unsaflok. The technique is a collection of #security vulnerabilities that would allow a hacker to almost instantly open several models of #Saflok-brand #RFID-based keycard locks sold by the Swiss lock maker Dormakaba. The Saflok systems are installed on 3 million doors worldwide, inside 13,000 properties in 131 countries.“
gtbarryHackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds
exploiting weaknesses in encryption and the underlying RFID system, hackers obtain any keycard from a target hotel, read the code from the card and write two keycards of their own - then they merely tap those two cards on a lock
#BlackHat #DefCon #LasVegas #Dormakaba #Saflok #RFID #travel #hotels #security #cybersecurity #hacking #hackers
https://www.wired.com/story/saflok-hotel-lock-unsaflok-hack-technique/
Review SpaceMillions of Dormakaba Saflok RFID Locks Vulnerable to Security Breach: https://www.reviewspace.info/millions-of-dormakaba-saflok-rfid-locks-vulnerable-to-security-breach
#Security #Vulnerability #RFIDlocks #Dormakaba #Saflok #Cybersecurity #HotelSecurity #HomeSecurity #TechNews
securityaffairs#Unsaflok flaws allow to open millions of doors using #Dormakaba #Saflok electronic locks
https://securityaffairs.com/160900/hacking/unsaflok-flaws-dormakaba-saflok-electronic-locks.html
#securityaffairs #hacking
https://securityaffairs.com/160900/hacking/unsaflok-flaws-dormakaba-saflok-electronic-locks.html
#securityaffairs #hacking
Research Network Digi-Oek.ch[en] Serious security vulnerabilities in electronic RFID locks from dormakaba
"... identified weaknesses allow an attacker to unlock all rooms in a hotel using a single pair of forged keycards. Over [3m] hotel locks in 131 countries are affected."
"As of 03/2024, ... 36% of the impacted locks have been updated or replaced."
#ResearchHighlights #dormakaba #kaba #saflok #unsaflok #privacy #rfid #rfidlock #cybersecurity #ictsecurity #itsecurity #infosec #security
Harry SintonenThe use of MIFARE Classic already made it possible to clone the #Saflok keys at will, assuming you had even passing access to the key to clone. This was possible since you've been able to obtain UID programmable cards/fobs from china for over a decade, and thus produce 100% clones of MIFARE Classic cards/fobs. The actual key #Unsaflok finding is the generation of Skeleton keys that open all doors.
Chirael (Anthony) 
🇺🇦 
“Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds - The company behind Saflok-brand door locks is offering a fix, but it may take months or years to reach some hotels” https://www.wired.com/story/saflok-hotel-lock-unsaflok-hack-technique/ #locks #research #security #physicalsecurity #physsec #saflok #defcon
Classic example of #securitybyobscurity ending badly: "To clone the cards, they had to crack #dormakaba's key derivation function. ... Forged keycards can be created using any #MIFAREClassic card."
https://www.bleepingcomputer.com/news/security/unsaflok-flaw-can-let-hackers-unlock-millions-of-hotel-doors/ #Unsaflok #vulnerability #infosec #cybersecurity #Saflok
https://www.bleepingcomputer.com/news/security/unsaflok-flaw-can-let-hackers-unlock-millions-of-hotel-doors/ #Unsaflok #vulnerability #infosec #cybersecurity #Saflok
Not SimonWIRED: Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds. The company behind the Saflok-brand door locks is offering a fix, but it may take months or years to reach some hotels. 🔗 https://www.wired.com/story/saflok-hotel-lock-unsaflok-hack-technique/
PrivacyDigest