Hacking (79)

Displaying 'Hacking' tags 1 - 25 of 79 in total

Hikvision Backdoor Exploit

(PRO Only)

Full disclosure to the Hikvision backdoor has been released, allowing easy exploit of vulnerable Hikvision IP cameras. As the researcher, Monte Crypto, who disclosed the details confirmed, this is: a backdoor that allows unauthenticated impers...

By Brian Karas - 6 days ago

September IP Networking Course

LAST Chance - Registration is ending. Register now. This is the only networking course designed specifically for video surveillance professionals plus it includes live training, personal help and certification. What the IPVM IP Networking Course...

By Brian Rhodes - 10 days ago

Fortune 500 Company Bars Dahua and Hikvision

(PRO Only)

A Fortune 500 company has barred Dahua and Hikvision cameras from a large RFP due to cyber security concerns, IPVM has confirmed with the company. In this note, we examine the reasons, Dahua and Hikvision's cyber security issues, and why this is ...

By IPVM Team - 25 days ago

Security Press Wrong About New NY State Video Law

SecurityInfoWatch wrongly declared: N.Y. governor signs bill outlawing video surveillance of neighbors SDM wrongly affirmed: It is now illegal to make unauthorized video surveillance recordings of a neighbor’s backyard in New York.  The actual b...

By John Honovich - 26 days ago

Hikvision Happy With Bad Security Unless Hit With Bad Press

Hikvision is happy to have bad cyber security unless they are hit with bad press, as we detail inside. When you look at the pattern of their behavior, it is clear that anyone concerned about cyber security is taking significant risks with Hikvisi...

By John Honovich - 27 days ago

‘Experts' Fail On Dumbo IP Camera ‘Hack'

(PRO Only)

Dumbo, revealed by Wikileaks, has become big news. Unfortunately, 'experts' in the security industry have gotten it wrong, incorrectly contending that Dumbo hacks IP cameras. In this report, we examine Dumbo, the erroneous claims and the impact ...

By Brian Karas - about 1 month ago

Avigilon CEO Attacks Asian Companies Cyber Insecurity

(PRO Only)

Avigilon CEO is taking aim at their Asian competitors. And he is going directly after these company's cyber security issues. In this note, we examine his claim, analyze its accuracy and examine how this fits in a broader pattern of Western com...

By IPVM Team - about 1 month ago

Hikvision Responds To Cracked Security Codes

(PRO Only)

Hikvision has responded to IPVM's report on Hikvision's security code being cracked, both with a 2 page update to dealers and communication directly with IPVM. In this note, we examine Hikvision's response, evaluating the positive and negative el...

By Brian Karas - about 1 month ago

Vulnerability Directory For Access Control Cards

(PRO Only)

Knowing which access credentials are insecure can be unclear, especially because most look and feel the same. Even the most insecure 125 kHz types are still widely supported, and using 13.56 MHz smartcards is no sure guarantee the format has not b...

By Brian Rhodes - about 1 month ago

Hikvision Security Code Cracked

(PRO Only)

Hikvision's 'security code' feature has been cracked and a program generating security codes is being distributed online. IPVM has obtained and tested this program, verifying that it works. Hikvision 'security code' allows unauthenticated users t...

By IPVM Team - about 2 months ago

US Army Bans Chinese DJI Drones

(PRO Only)

The US Army has issued a ban on Chinese-made DJI drones. A US Army memo obtained by sUAS News references a classified document from the Army Research Laboratory titles "DJI UAS Technology Threat and User Vulnerabilities".   Inside this note, ...

By Brian Karas - about 2 months ago

Dahua Suffers Second Major Vulnerability, Silent [Finally Acknowledges]

(PRO Only)

Less than 3 months ago, Dahua received DHS ICS-CERT's worst score of 10.0 for their backdoor. Now, Dahua has received another 10.0 score for a new vulnerability. Despite that, Dahua has remained silent. In this note, we examine the vulnerability...

By Brian Karas - 2 months ago

Wireless Burglar Alarm Sensors Guide

(PRO Only)

Wireless sensors for burglar alarm sensors are an increasingly common option for the historical labor intensive wired alarm systems. However, there are numerous elements and tradeoffs involved in using wireless sensors. In this guide, we explain...

By Ari Erenthal - 2 months ago

PR Campaign Exploiting Manufacturer Cybersecurity

(PRO Only)

Manufacturers increasingly have a bulls-eye on their back. As cyber security solutions providers grow, they realize a great way to get publicity for themselves is to maximize coverage of exploits they discover.  In this report, we provide a behi...

By Brian Karas - 2 months ago

Hikvision USA Head of Cybersecurity Exits

(PRO Only)

Hikvision USA's Head of Cybersecurity has exited the company. In this note, we review the move, share Hikvision's feedback and examine the company's efforts to improve their cybersecurity following numerous vulnerabilities and problems (e.g., 1, ...

By Brian Karas - 2 months ago

Wrongly Accused Critical Vulnerability for Vivotek

(PRO Only)

Vulnerabilities are an increasing branding and business problem for video surveillance manufacturers. However, sometimes vulnerabilities reported are not as critical as the reports claim.  Vivotek was recently faced with one but the vulnerability...

By Brian Karas - 2 months ago

Smartcard Copier Tested (13.56MHz)

(PRO Only)

Copying 125kHz cards is certainly easy, as our test results showed, but how about 13.56MHz smart cards? Are they more secure? IPVM focused on the risk of Hacking Your Access Control With This $30 HID 125kHz Card Copier, but are more advanced 13.5...

By Brian Rhodes - 3 months ago

No Hack, Still Liable, Court Finds ADT

(PRO Only)

Recently, ADT has been in the news for a $16 million settlement for a cyber security vulnerability class action suit. One of the most important and interesting points behind this settlement is a court order that found ADT could be found liable ev...

By IPVM Team - 3 months ago

How To Hack Your Company's Hikvision Recorder

(PRO Only)

Here's how easy it is to hack your company's Hikvision recorder: It does not matter how hard or secret the admin password is. Hikvision will happily help you. Hikvision will let anyone do it with no verification. You cannot disable this 'fea...

By IPVM Team - 4 months ago

Anti-Hack Access Card Shields Tested

(PRO Only)

Keeping your access control card information secure is becoming a big priority, especially since cheaper copiers can hack details easily. Multiple products claim they can keep those RFID details hidden, so we bought several examples to put them to...

By Brian Rhodes - 4 months ago

Hackable 125kHz Access Control Migration Guide

(PRO Only)

Despite being one of the most popular credentials, 125 kHz credentials are easily copied and insecure as we showed in our test results, video embedded below: However, changing to more secure credentials is not always a clear path, and doing it ...

By Brian Rhodes - 4 months ago

Cisco: Hikvision Hired Us

(PRO Only)

The day after Hikvision's backdoor was confirmed by the US Department of Homeland Security, Hikvision issued a press release about a 'cybersecurity collaboration' with Cisco inside China, with Hikvision USA touting that Hikvision was 'adding cyb...

By John Honovich - 4 months ago

Hikvision Blaming Backdoor On Others, Cannot Hide From DHS

Numerous Hikvision employees are blaming their backdoor on others but Hikvision cannot hide from the US Department of Homeland Security. Blaming Others Here is an example of a Hikvision employee's response to the backdoor: No need To worry, t...

By John Honovich - 5 months ago

Displaying 'Hacking' tags 1 - 25 of 79 in total