* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Thursday, September 4, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    ITV Studios Launches New Entertainment Label – Global Bulletin – IMDb

    ITV Studios Unveils Exciting New Entertainment Label

    TS Entertainment bringing Malibu Jack’s to former Owensboro mall – Lane Report

    TS Entertainment Launches Malibu Jack’s at Former Owensboro Mall Location

    Jenny Han Dropped a Major ‘The Summer I Turned Pretty’ Easter Egg Revealing [SPOILER] – yahoo.com

    Jenny Han Just Unveiled a Huge ‘The Summer I Turned Pretty’ Easter Egg That Changes Everything [SPOILER]

    Liam Payne’s Cousin Ross Harris Honors Late Singer With Emotional Song ‘Bones’ – yahoo.com

    Liam Payne’s Cousin Ross Harris Honors Late Singer with Emotional New Song ‘Bones

    Country music star apologizes after drunken show ends with cops taking him down: ‘I’m not OK’ – PennLive.com

    Country Music Star Apologizes After Drunken Show Ends in Police Intervention: ‘I’m Not OK

    Comanche Nation Entertainment closes casino near Devol – KSWO 7News

    Comanche Nation Entertainment Closes Casino Near Devol in Surprising Move

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Credo Technology Group Holding Ltd. (CRDO) Surpasses Q1 Earnings and Revenue Estimates – Yahoo Finance

    Credo Technology Group Surpasses Q1 Earnings and Revenue Expectations

    The Economist is hiring a science and technology correspondent – The Economist

    Exciting Opportunity: Become Our Next Science and Technology Correspondent!

    Blockchain lender Figure Technology seeks to raise up to $526M in IPO (FIGR:Pending) – Seeking Alpha

    Blockchain Lender Figure Technology Sets Sights on $526M in Thrilling IPO Launch

    New Technology from Ramsey Theory Group Brings Diagnostic Testing and Telehealth Directly into Patients’ Homes – Yahoo Finance

    Revolutionary Ramsey Theory Technology Delivers Diagnostic Testing and Telehealth Right to Your Doorstep

    China’s CATL sells stake in Finnish subcontract car manufacturer – Reuters

    China’s CATL Sells Stake in Finnish Auto Supplier in Strategic Move

    This Secret Technology Will Make The IPhone 17 Super Thin Air – VOI.ID

    How This Breakthrough Technology Will Make the iPhone 17 Incredibly Thin and Lightweight

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    ITV Studios Launches New Entertainment Label – Global Bulletin – IMDb

    ITV Studios Unveils Exciting New Entertainment Label

    TS Entertainment bringing Malibu Jack’s to former Owensboro mall – Lane Report

    TS Entertainment Launches Malibu Jack’s at Former Owensboro Mall Location

    Jenny Han Dropped a Major ‘The Summer I Turned Pretty’ Easter Egg Revealing [SPOILER] – yahoo.com

    Jenny Han Just Unveiled a Huge ‘The Summer I Turned Pretty’ Easter Egg That Changes Everything [SPOILER]

    Liam Payne’s Cousin Ross Harris Honors Late Singer With Emotional Song ‘Bones’ – yahoo.com

    Liam Payne’s Cousin Ross Harris Honors Late Singer with Emotional New Song ‘Bones

    Country music star apologizes after drunken show ends with cops taking him down: ‘I’m not OK’ – PennLive.com

    Country Music Star Apologizes After Drunken Show Ends in Police Intervention: ‘I’m Not OK

    Comanche Nation Entertainment closes casino near Devol – KSWO 7News

    Comanche Nation Entertainment Closes Casino Near Devol in Surprising Move

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Credo Technology Group Holding Ltd. (CRDO) Surpasses Q1 Earnings and Revenue Estimates – Yahoo Finance

    Credo Technology Group Surpasses Q1 Earnings and Revenue Expectations

    The Economist is hiring a science and technology correspondent – The Economist

    Exciting Opportunity: Become Our Next Science and Technology Correspondent!

    Blockchain lender Figure Technology seeks to raise up to $526M in IPO (FIGR:Pending) – Seeking Alpha

    Blockchain Lender Figure Technology Sets Sights on $526M in Thrilling IPO Launch

    New Technology from Ramsey Theory Group Brings Diagnostic Testing and Telehealth Directly into Patients’ Homes – Yahoo Finance

    Revolutionary Ramsey Theory Technology Delivers Diagnostic Testing and Telehealth Right to Your Doorstep

    China’s CATL sells stake in Finnish subcontract car manufacturer – Reuters

    China’s CATL Sells Stake in Finnish Auto Supplier in Strategic Move

    This Secret Technology Will Make The IPhone 17 Super Thin Air – VOI.ID

    How This Breakthrough Technology Will Make the iPhone 17 Incredibly Thin and Lightweight

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

3 million doors open to uninvited guests in keycard exploit

March 24, 2024
in Technology
3 million doors open to uninvited guests in keycard exploit
Share on FacebookShare on Twitter

Around 3 million doors protected by popular keycard locks are thought to be vulnerable to security flaws that allow miscreants to quickly slip into locked rooms.

Security researchers developed an exploit that applies to various Saflok keycard locks made by Swiss security company dormakaba, ones that are prevalent in hotels around the world, as well as properties of multiple occupancy.

The researchers who worked on the exploit, dubbed “Unsaflok,” said more than 3 million hotel locks across 131 countries are affected.

Lennert Wouters, Ian Carroll, rqu, BusesCanFly, Sam Curry, sshell, and Will Caruana reported the vulnerabilities to dormakaba in September 2022 and disclosed them this week.

Saflok MT and Saflok RT Plus are the most common models people may have encountered on their travels, although all locks using the Saflok system are vulnerable – these include door locks, and the keycard readers used in elevators and parking garages.

A keycard from the property an intruder wants to break into is required to pull off the attack. This could be a valid card such as one issued to the intruder’s own hotel room, or even an expired one swiped from the express checkout deposit bin.

From there, two cards would need to be created – one to rewrite the data on the lock and another to open it, the researchers explained to Wired. This could all be done using commercially available equipment, including a Flipper Zero or even an NFC-capable Android phone, and a few MIFARE Classic cards.

It would also require the intruders to reverse engineer the software used by hotel front desk staff to reprogram keycards to locks. Hotels that use these locks, of which there are more than 13,000 around the world, typically use System 6000 or Ambience for the management of keycards, researchers said. 

El Reg asked dormakaba to comment, and we’ll add that in if we hear back. According to the researchers’ writeup on Unsaflok, the manufacturer started working on a fix in November 2023, more than a year after the vulnerabilities were discovered.

That fix has now been developed, but apparently the process of getting these locks updated, or in some cases replaced entirely, is a bit of a chore. That’s illustrated by the rate of upgrades so far, which stands at just 36 percent of all affected locks.

It’s not just the door locks that need upgrading – the hotel software also needs upgrading, as do the keycard encoders, and the keycards themselves. The researchers said the keycards may actually be a giveaway to anyone wanting to know if their lock is free from forgeries.

Hackers remotely start, unlock Honda Civics with $300 tech

Key to success: Tenants finally get physical keys after suing landlords for fitting Bluetooth smart-lock to front door

We don’t want to be Latch key-less kids: NYC tenants sue landlords for bunging IoT ‘smart’ lock on their front door

Hotel, motel, Holiday Inn? Doesn’t matter – they may need to update their room key software

“It is not possible to visually tell if a lock has been updated to fix these vulnerabilities,” they said. “You may be able to tell if a hotel has been through the upgrade process if the guest keycards are using MIFARE Ultralight C cards instead of MIFARE Classic.”

NFC reader apps available on Android and iOS can present this kind of data, and well-informed front desk staff may be able to let guests know too.

“Note that this information only applies to dormakaba Saflok systems; several other lock manufacturers use MIFARE Classic keycards and are not affected by the Unsaflok vulnerability. Nevertheless, the use of MIFARE Classic in a security-sensitive application is not recommended.”

There’s no available evidence to suggest that these locks have been bypassed in historical intrusion attempts, however, the vulnerabilities have been present in Saflok systems for more than 36 years … so that’s a pretty long window in which they could have been exploited before.

While it is possible to detect for unauthorized intrusions by auditing each lock’s entry and exit logs, the researchers said due to the nature of the vulnerability, these logs could be misattributed to a different keycard or even a staff member.

Full details of the vulnerabilities, which are chained together to forge these keycards, haven’t been revealed yet and won’t be for some time out of fears that an explosion in intrusions will take place while hotels upgrade.

“We are not planning on sharing a full proof of concept at this time due to the potential impact to hotels and guests,” the researchers said. “We plan on sharing additional technical details of the vulnerability in the future.”

Unsaflok certainly isn’t a first-of-its-kind type of exploit, as other security whizzes have broken into other keycard systems before.

Back in 2018, before its enterprise arm split off to WithSecure, F-Secure publicized exploitable flaws in VingCard’s Vision system, which is also used to secure millions of rooms worldwide, although only a small proportion of these were thought to be exploitable.

Going back to 2012, researchers demonstrated a way to break into Onity locks too during that year’s Black Hat event – the same event that saw Unsaflok flaunted in 2022, albeit behind the closed doors of a private security competition to which the researchers were invited. ®

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : The Register – https://go.theregister.com/feed/www.theregister.com/2024/03/22/tap_and_go_straight_to/

Tags: DOORSMilliontechnology
Previous Post

‘Kavya Maran Moye Moye Moment’, Social Media Reacts On SRH Owner’s Roller-Coaster Of Emotions After Team’s Defeat In IPL 2024

Next Post

Uncle Sam wants to know how big airlines use passenger data

Potential caterpillar mimicry in a tropical hummingbird – Falk – 2025 – Ecology – ESA Journals

Tropical Hummingbird’s Surprising Caterpillar Mimicry Revealed

September 4, 2025
Degrees of Science: Healthy Aging – KWTX

Unlocking the Secrets to Healthy Aging: A Science-Based Guide

September 4, 2025
Podcast: Blame, bad drivers, and ‘safety science’ – BikePortland

Podcast: Blame, bad drivers, and ‘safety science’ – BikePortland

September 4, 2025
If you want your 60s to be some of the best years of your life, say goodbye to these 5 behaviors – VegOut

If you want your 60s to be some of the best years of your life, say goodbye to these 5 behaviors – VegOut

September 4, 2025
Credo Technology Group Holding Ltd. (CRDO) Surpasses Q1 Earnings and Revenue Estimates – Yahoo Finance

Credo Technology Group Surpasses Q1 Earnings and Revenue Expectations

September 4, 2025

NFL Week 1 Power Rankings: Eagles Take Early Lead, But Bills Poised to Claim Ultimate Crown

September 4, 2025
Xi Parades Military Strength as Trump Accuses Him of Conspiring With Putin and Kim – The New York Times

Xi Unveils Military Strength as Trump Levels Accusations of Alliances with Putin and Kim

September 4, 2025
Trump tariffs and the Fed: Fate of U.S. economy may lie with the Supreme Court – Axios

How the Supreme Court Could Decide the Future of the U.S. Economy Amid Trump Tariffs and Fed Moves

September 4, 2025
ITV Studios Launches New Entertainment Label – Global Bulletin – IMDb

ITV Studios Unveils Exciting New Entertainment Label

September 4, 2025
RFK Jr. is spreading a reckless myth about SSRIs and mass shootings – MSNBC News

RFK Jr. Fuels Dangerous Myth Linking SSRIs to Mass Shootings

September 4, 2025

Categories

Archives

September 2025
MTWTFSS
1234567
891011121314
15161718192021
22232425262728
2930 
« Aug    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (806)
  • Economy (824)
  • Entertainment (21,704)
  • General (16,848)
  • Health (9,865)
  • Lifestyle (839)
  • News (22,149)
  • People (826)
  • Politics (831)
  • Science (16,035)
  • Sports (21,323)
  • Technology (15,805)
  • World (805)

Recent News

Potential caterpillar mimicry in a tropical hummingbird – Falk – 2025 – Ecology – ESA Journals

Tropical Hummingbird’s Surprising Caterpillar Mimicry Revealed

September 4, 2025
Degrees of Science: Healthy Aging – KWTX

Unlocking the Secrets to Healthy Aging: A Science-Based Guide

September 4, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version