Aggregator

Cybersecurity researchers have uncovered a surge in attacks leveraging SparkRAT, a cross-platform Remote Access Trojan (RAT) written in GoLang. This open-source tool, initially released on GitHub in 2022, has become a favorite among hackers due to its modular design, multi-platform support, and rich feature set. The cross-platform RAT, SparkRAT is now being actively deployed in […]

The post Hackers Using SparkRAT In Wild To Attack Windows, macOS, and Linux Systems appeared first on Cyber Security News.

As US-based AI companies struggle with the news that the recently released Chinese-made open source DeepSeek-R1 reasoning model performs as well as theirs for a fraction of the cost, users are rushing to try out DeepSeek’s AI tool. In the process, they have pushed it to the top of the list of most popular iOS and Android apps. DeepSeek name abused for scams and malware delivery The company has reportedly been dealing with outages and … More →

The post DeepSeek’s popularity exploited by malware peddlers, scammers appeared first on Help Net Security.

The post CVE-2024-46507: Yeti Platform <br> Server-Side Template Injection (SSTI) appeared first on Rhino Security Labs.

Trust is the cornerstone of the hospitality industry. Guests rely on you to safeguard their personal data, payment information, and loyalty rewards. However, in today's digital landscape, this trust faces constant risks. APIs, which serve as the unseen connections among various systems and applications, are particularly vulnerable to cyber threats. A single flaw can compromise sensitive data and cripple your brand’s reputation.

Modern hotels depend heavily on APIs. They facilitate processes from online reservations and mobile check-ins to loyalty programs and customized guest experiences. Nonetheless, these APIs often manage sensitive information, including:

• Personally Identifiable Information (PII): Names, addresses, phone numbers, passport information
• Payment Card Information (PCI): Credit card numbers, expiration dates, CVV codes
• Loyalty Program Data: Reward points, membership levels, personal preferences

A compromise of any of these APIs can lead to dire outcomes.

Hotel loyalty programs present a goldmine for hackers. Stolen loyalty points can be exchanged or used for complimentary stays and upgrades on the dark web. Imagine a scenario in which a hacker breaches your API and siphons millions of points from your loyalty program. This would result in financial losses, diminish customer trust, and harm your brand reputation.

Marriott has repeatedly been a victim of data breaches. The expansive breach in 2018 affected nearly 500 million guests, while a more recent incident in 2024 reignited concerns regarding its system security. While the specifics of the 2024 breach remain under investigation, it is a clear reminder that even well-established hotel chains with strong security measures are susceptible. This highlights the urgent need for ongoing vigilance and robust security practices, particularly around APIs, to safeguard sensitive guest information.

Standard security solutions like firewalls and WAFs are inadequate for defending against advanced API attacks. That's where Salt Security comes into play. Salt Security stands as the premier API security platform, ensuring comprehensive lifecycle protection for your APIs. Here's how Salt can assist:

• API Discovery: Salt automatically identifies all of your APIs, including hidden and neglected APIs, giving you total visibility into your API environment, which is essential in the hospitality sector where APIs frequently change and new ones are continually developed.
• Posture Governance: Salt aids you in establishing and enforcing security policies across all your APIs, ensuring they are securely configured and comply with regulatory standards, encompassing aspects like authentication, authorization, and data encryption.
• Threat Protection: Salt employs AI and machine learning to identify and prevent API attacks in real-time, targeting sophisticated threats like business logic exploitation, account hijacking, and data theft.

With Salt Security, you can rest assured that your APIs are shielded from emerging threats.

Investing in API security goes beyond compliance; it's about safeguarding your guests, your brand, and your financial interests. By partnering with Salt Security, you can proactively secure your APIs and reduce risks, ensuring the continued success of your hospitality business.

If you want to learn more about Salt and how we can help you on your API Security journey through discovery, posture governance, and run-time threat protection, please contact us, schedule a demo, or check out our website.

The post Why API Security is Essential for the Hospitality Sector: Safeguarding Your Guests and Your Rewards appeared first on Security Boulevard.

AI poses great opportunities for people and companies to implement robust systems to minimize the success and long-term effects of attacks. 

The post Using AI To Help Keep Your Financial Data Safe  appeared first on Security Boulevard.