CSOonline

Booking.com account takeover flaw shows possible pitfalls in OAuth implementations

Booking.com, one of the world’s largest online travel agencies, recently patched a vulnerability in its implementation of the OAuth protocol that could have allowed attackers to gain access to ...
The Boston Globe

Booking.com suspended my account. How can I get it back?

Q. I write to express my disappointment and distress with my recent experiences at Booking.com. I travel frequently, as do my wife and family. I always recommend Booking.com, and we all use it almost ...
Dark Reading

Booking.com's OAuth Implementation Allows Full Account Takeover

Flaws in the authorization system of the Booking.com website could have allowed attackers to take over user accounts and gain full visibility into their personal or payment-card data, as well as log ...
Krebs on Security

Booking.com Phishers May Leave You With Reservations

A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This story examines a recent spear-phishing campaign that ensued when a California ...
Hosted on MSN

Booking.com hit by fresh security breach, travelers told to watch accounts

Criminal forums are selling your travel booking details for thousands of dollars, but Booking.com’s confirmed data breach reveals exactly how attackers monetize your vacation plans. The company reset ...