Lemmy.World

175,221 readers
6,203 users here now

The World's Internet Frontpage Lemmy.World is a general-purpose Lemmy instance of various topics, for the entire world to use.

Be polite and follow the rules ⚖ https://legal.lemmy.world/tos

Get started

See the Getting Started Guide

Donations 💗

If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.

If you can, please use / switch to Ko-Fi, it has the lowest fees for us

Join the team 😎

Check out our team page to join

Questions / Issues

Questions/issues post to
To open a ticket
Reporting is to be done via the reporting button under a post/comment.
Additional Report Info HERE
Please note, you will NOT be able to comment or post while on a VPN or Tor connection

More Lemmy.World

Follow us for server news 🐘

Chat 🗨

Alternative UIs

https://a.lemmy.world - Alexandrite UI
https://photon.lemmy.world - Photon UI
https://m.lemmy.world - Voyager mobile UI
https://old.lemmy.world - A familiar UI

Monitoring / Stats 🌐

Service Status 🔥

https://status.lemmy.world

Lemmy.World is part of the FediHosting Foundation

founded 2 years ago

ADMINS

Leaked Secrets and Unlimited Miles: Hacking the Largest Airline and Hotel Rewards Platform (samcurry.net)

submitted 2 years ago by [email protected] to c/[email protected]

0 comments fedilink

Between March 2023 and May 2023, we identified multiple security vulnerabilities within points.com, the backend provider for a significant portion of airline and hotel rewards programs. These vulnerabilities would have enabled an attacker to access sensitive customer account information, including names, billing addresses, redacted credit card details, emails, phone numbers, and transaction records. Moreover, the attacker could exploit these vulnerabilities to perform actions such as transferring points from customer accounts and gaining unauthorized access to a global administrator website. This unauthorized access would grant the attacker full permissions to issue reward points, manage rewards programs, oversee customer accounts, and execute various administrative functions.

Leaked Secrets and Unlimited Miles: Hacking the Largest Airline and Hotel Rewards Platform (samcurry.net)

submitted 2 years ago by repostbot33 to c/netsec

0 comments fedilink

Leaked Secrets and Unlimited Miles: Hacking the Largest Airline and Hotel Rewards Platform (samcurry.net)

submitted 2 years ago by L4s to c/secops

0 comments fedilink

Leaked Secrets and Unlimited Miles: Hacking the Largest Airline and Hotel Rewards Platform::Between March, 2023 and May, 2023 we reported multiple security vulnerabilities to points.com, the backend provider for a large portion of airline and hotel rewards programs...