Hacking (93)

Displaying 'Hacking' tags 1 - 25 of 93 in total

Hikvision Removed From US Army Base, Congressional Hearing Called

Hikvision has been removed from a US Army Base and a US congressional committee is planning a hearing on cybersecurity risks and specifically, Hikvision, reports the WSJ in a follow up to their (WSJ) Investigation Into Hikvision. This is a majo...

By IPVM Team - 5 days ago

Hikvision Declares 'Never Click On Links In Emails'

(PRO Only)

Hikvision is stepping up its cybersecurity efforts with a clear recommendation - to never click on links in emails: It is a surprising change since Hikvision has relied on links in their 'Special Bulletin' emails in responding to their own nume...

By IPVM Team - 8 days ago

Hacked Hikvision IP Camera Map

The interactive map below shows a sample of hacked and vulnerable Hikvision IP cameras across the USA. Hover over a marker to see an image from that camera:   This map helps visually demonstrate how wide the practical impact and risk of easy to ...

By Brian Karas - 30 days ago

Broken Hikvision App Exposes Hypocrisy

(PRO Only)

While Hikvision talks about a commitment to cybersecurity, their broken app and their insecure 'solution' exposes not only their engineering problems but their hypocrisy about cybersecurity. In this note, we examine the problems, angry Hikvision ...

By John Honovich - about 1 month ago

Hikvision UPnP Hacking Risk

(PRO Only)

Hikvision IP cameras are being hacked even for end users who had not set up port forwarding and believed their cameras were 'safe' behind firewalls. The problem is UPnP and, more specifically, how Hikvision has insecurely used UPnP over the years...

By IPVM Team - about 1 month ago

Dahua Forbes 'Next Web Crisis' Vulnerability Dispute

(PRO Only)

The buffer overflow vulnerability in Dahua products is not in dispute, in fact we covered it when it was first published. What is in dispute is how significant the vulnerability is, and the risks posed to users with unpatched devices. This was r...

By Brian Karas - 2 months ago

Vivotek Remote Stack Overflow Vulnerability

(PRO Only)

A stack overflow vulnerability in Vivotek cameras has been discovered by bashis, the security researcher who has also found vulnerabilities in cameras from Axis and Dahua, among other brands. The vulnerability is very easy to exploit, and opens up...

By Brian Karas - 2 months ago

WSJ Investigates Hikvision

(PRO Only)

The Wall Street Journal (WSJ) has released a detailed investigation into Hikvision's government ownership and cybersecurity problems, hitting the paper's front page.   Given the WSJ's global readership (42 million monthly readers, 2+ million pai...

By John Honovich - 2 months ago

Hikvision Admits Backdoor 'PR Issue'

(PRO Only)

Hikvision is admitting a problem. The backdoor itself is evidently not the problem for them. The problem, according to Hikvision, is a public relations issue, as their new Cybersecurity Director / spokesperson Chuck Davis explained: Undoubted...

By John Honovich - 3 months ago

Uniview Recorder Backdoor Examined

(PRO Only)

A Chinese research group has identified a vulnerability in Uniview recorders that allows backdoor access in a method similar to the Dahua backdoor. IPVM spoke with the researcher behind the discovery and Uniview to determine the severity and impa...

By Brian Karas - 3 months ago

Dahua Trying, Struggling To Respond To Hacking Attacks

(PRO Only)

Now, 2 weeks since large-scale hacking attacks commenced against Dahua vulnerable devices, we analyze Dahua's response. On the positive side, Dahua is clearly trying to respond, providing information and help to those impacted. However, Dahua is ...

By Brian Karas - 3 months ago

Hikvision USA Misleads Dealers On Backdoor

Hikvision USA emailed their dealers overnight with their 5th cyber security 'special bulletin' of the year. Misleading Unfortunately, they have misled their dealers by omitting critical information: Details of how to exploit the vulnerabi...

By John Honovich - 4 months ago

FLIR Thermal Camera Multiple Vulnerabilities, Patch Released

(PRO Only)

Multiple cyber security vulnerabilities exist in FLIR thermal cameras, which have not been fixed, despite being reported months ago. UPDATE- FLIR has released patches, which are covered in this report. In this note, we examine the vulnerabilities...

By Brian Karas - 4 months ago

Hackers Globally Attacking Dahua Recorders

(PRO Only)

Dahua recorders are being hacked and vandalized around the world, as confirmed by dozens of reports to IPVM since the attacks surged 5 days ago. Key points: If you have Dahua recorders and you port forwarded it (as they unfortunately recom...

By IPVM Team - 4 months ago

September IP Networking Course

LAST Chance - Registration is ending. Register now. This is the only networking course designed specifically for video surveillance professionals plus it includes live training, personal help and certification. What the IPVM IP Networking Course...

By Brian Rhodes - 4 months ago

Hikvision Backdoor Exploit

(PRO Only)

Full disclosure to the Hikvision backdoor has been released, allowing easy exploit of vulnerable Hikvision IP cameras. As the researcher, Monte Crypto, who disclosed the details confirmed, this is: a backdoor that allows unauthenticated impers...

By Brian Karas - 5 months ago

Fortune 500 Company Bars Dahua and Hikvision

(PRO Only)

A Fortune 500 company has barred Dahua and Hikvision cameras from a large RFP due to cyber security concerns, IPVM has confirmed with the company. In this note, we examine the reasons, Dahua and Hikvision's cyber security issues, and why this is ...

By IPVM Team - 5 months ago

Security Press Wrong About New NY State Video Law

SecurityInfoWatch wrongly declared: N.Y. governor signs bill outlawing video surveillance of neighbors SDM wrongly affirmed: It is now illegal to make unauthorized video surveillance recordings of a neighbor’s backyard in New York.  The actual b...

By John Honovich - 5 months ago

Hikvision Happy With Bad Security Unless Hit With Bad Press

Hikvision is happy to have bad cyber security unless they are hit with bad press, as we detail inside. When you look at the pattern of their behavior, it is clear that anyone concerned about cyber security is taking significant risks with Hikvisi...

By John Honovich - 5 months ago

‘Experts' Fail On Dumbo IP Camera ‘Hack'

(PRO Only)

Dumbo, revealed by Wikileaks, has become big news. Unfortunately, 'experts' in the security industry have gotten it wrong, incorrectly contending that Dumbo hacks IP cameras. In this report, we examine Dumbo, the erroneous claims and the impact ...

By Brian Karas - 5 months ago

Avigilon CEO Attacks Asian Companies Cyber Insecurity

(PRO Only)

Avigilon CEO is taking aim at their Asian competitors. And he is going directly after these company's cyber security issues. In this note, we examine his claim, analyze its accuracy and examine how this fits in a broader pattern of Western com...

By IPVM Team - 5 months ago

Hikvision Responds To Cracked Security Codes

(PRO Only)

Hikvision has responded to IPVM's report on Hikvision's security code being cracked, both with a 2 page update to dealers and communication directly with IPVM. In this note, we examine Hikvision's response, evaluating the positive and negative el...

By Brian Karas - 5 months ago

Vulnerability Directory For Access Control Cards

(PRO Only)

Knowing which access credentials are insecure can be unclear, especially because most look and feel the same. Even the most insecure 125 kHz types are still widely supported, and using 13.56 MHz smartcards is no sure guarantee the format has not b...

By Brian Rhodes - 5 months ago

Hikvision Security Code Cracked

(PRO Only)

Hikvision's 'security code' feature has been cracked and a program generating security codes is being distributed online. IPVM has obtained and tested this program, verifying that it works. Hikvision 'security code' allows unauthenticated users t...

By IPVM Team - 5 months ago

US Army Bans Chinese DJI Drones

(PRO Only)

The US Army has issued a ban on Chinese-made DJI drones. A US Army memo obtained by sUAS News references a classified document from the Army Research Laboratory titles "DJI UAS Technology Threat and User Vulnerabilities".   Inside this note, ...

By Brian Karas - 5 months ago

Displaying 'Hacking' tags 1 - 25 of 93 in total