For those of you who do not want to watch a half hour video, here's a recap of key claims / points made:
In general, what he is doing is applying Linux system administration skills to find ways to get root or admin access to the device. Once he has that, he can view, modify or change the underlying computer behind the 'camera'.
The Hollywood Hack
At the end, he showed how to do the classic Hollywood Hack of replacing a camera feed with a static image to fool a live security guard.
For example, here is an elevator:
Once he has root access to the computer/camera, he can kill the video streaming process, in the case below a MJPEG camera feed:
He can also issue a simple command to respond with a static image (that he supplies) when a user requests the video stream, thereby fooling the operator:
Doing this with a H.264 stream would be different but the same overall approach would apply.
Hacking D-Link Camera
The first hack shown was of the D-Link DCS-7410, though he said it applied to lots of D-Link cameras and other brands (like Trendnet). Also at the end, he noted that a fix has already been released in newer firmware.
He found 1 directory that was not password protected, this one:
Then he found that you could pass arbitrary commands to this URL and it would evaluate / run them:
Once he realized that, he simply passed the command to request the admin password which was return in plain text.
With the admin password, he obviously then had access to video and everything else.
In the middle of the presentation, he also showed hacks of Cisco and IQinVision cameras.