Hacking (87)

Displaying 'Hacking' tags 1 - 25 of 87 in total

Dahua Forbes 'Next Web Crisis' Vulnerability Dispute

(PRO Only)

The buffer overflow vulnerability in Dahua products is not in dispute, in fact we covered it when it was first published. What is in dispute is how significant the vulnerability is, and the risks posed to users with unpatched devices. This was r...

By Brian Karas - 1 day ago

Vivotek Remote Stack Overflow Vulnerability

(PRO Only)

A stack overflow vulnerability in Vivotek cameras has been discovered by bashis, the security researcher who has also found vulnerabilities in cameras from Axis and Dahua, among other brands. The vulnerability is very easy to exploit, and opens up...

By Brian Karas - 3 days ago

WSJ Investigates Hikvision

(PRO Only)

The Wall Street Journal (WSJ) has released a detailed investigation into Hikvision's government ownership and cybersecurity problems, hitting the paper's front page.   Given the WSJ's global readership (42 million monthly readers, 2+ million pai...

By John Honovich - 4 days ago

Hikvision Admits Backdoor 'PR Issue'

(PRO Only)

Hikvision is admitting a problem. The backdoor itself is evidently not the problem for them. The problem, according to Hikvision, is a public relations issue, as their new Cybersecurity Director / spokesperson Chuck Davis explained: Undoubted...

By John Honovich - 24 days ago

Dahua Trying, Struggling To Respond To Hacking Attacks

(PRO Only)

Now, 2 weeks since large-scale hacking attacks commenced against Dahua vulnerable devices, we analyze Dahua's response. On the positive side, Dahua is clearly trying to respond, providing information and help to those impacted. However, Dahua is ...

By Brian Karas - about 1 month ago

Hikvision USA Misleads Dealers On Backdoor

Hikvision USA emailed their dealers overnight with their 5th cyber security 'special bulletin' of the year. Misleading Unfortunately, they have misled their dealers by omitting critical information: Details of how to exploit the vulnerabi...

By John Honovich - about 2 months ago

FLIR Thermal Camera Multiple Vulnerabilities, Patch Released

(PRO Only)

Multiple cyber security vulnerabilities exist in FLIR thermal cameras, which have not been fixed, despite being reported months ago. In this note, we examine the vulnerabilities, share our test results of vulnerable FLIR cameras, review FLIR's re...

By Brian Karas - about 2 months ago

Hackers Globally Attacking Dahua Recorders

(PRO Only)

Dahua recorders are being hacked and vandalized around the world, as confirmed by dozens of reports to IPVM since the attacks surged 5 days ago. Key points: If you have Dahua recorders and you port forwarded it (as they unfortunately recom...

By IPVM Team - about 2 months ago

September IP Networking Course

LAST Chance - Registration is ending. Register now. This is the only networking course designed specifically for video surveillance professionals plus it includes live training, personal help and certification. What the IPVM IP Networking Course...

By Brian Rhodes - 2 months ago

Hikvision Backdoor Exploit

(PRO Only)

Full disclosure to the Hikvision backdoor has been released, allowing easy exploit of vulnerable Hikvision IP cameras. As the researcher, Monte Crypto, who disclosed the details confirmed, this is: a backdoor that allows unauthenticated impers...

By Brian Karas - 3 months ago

Fortune 500 Company Bars Dahua and Hikvision

(PRO Only)

A Fortune 500 company has barred Dahua and Hikvision cameras from a large RFP due to cyber security concerns, IPVM has confirmed with the company. In this note, we examine the reasons, Dahua and Hikvision's cyber security issues, and why this is ...

By IPVM Team - 3 months ago

Security Press Wrong About New NY State Video Law

SecurityInfoWatch wrongly declared: N.Y. governor signs bill outlawing video surveillance of neighbors SDM wrongly affirmed: It is now illegal to make unauthorized video surveillance recordings of a neighbor’s backyard in New York.  The actual b...

By John Honovich - 3 months ago

Hikvision Happy With Bad Security Unless Hit With Bad Press

Hikvision is happy to have bad cyber security unless they are hit with bad press, as we detail inside. When you look at the pattern of their behavior, it is clear that anyone concerned about cyber security is taking significant risks with Hikvisi...

By John Honovich - 3 months ago

‘Experts' Fail On Dumbo IP Camera ‘Hack'

(PRO Only)

Dumbo, revealed by Wikileaks, has become big news. Unfortunately, 'experts' in the security industry have gotten it wrong, incorrectly contending that Dumbo hacks IP cameras. In this report, we examine Dumbo, the erroneous claims and the impact ...

By Brian Karas - 3 months ago

Avigilon CEO Attacks Asian Companies Cyber Insecurity

(PRO Only)

Avigilon CEO is taking aim at their Asian competitors. And he is going directly after these company's cyber security issues. In this note, we examine his claim, analyze its accuracy and examine how this fits in a broader pattern of Western com...

By IPVM Team - 3 months ago

Hikvision Responds To Cracked Security Codes

(PRO Only)

Hikvision has responded to IPVM's report on Hikvision's security code being cracked, both with a 2 page update to dealers and communication directly with IPVM. In this note, we examine Hikvision's response, evaluating the positive and negative el...

By Brian Karas - 3 months ago

Vulnerability Directory For Access Control Cards

(PRO Only)

Knowing which access credentials are insecure can be unclear, especially because most look and feel the same. Even the most insecure 125 kHz types are still widely supported, and using 13.56 MHz smartcards is no sure guarantee the format has not b...

By Brian Rhodes - 3 months ago

Hikvision Security Code Cracked

(PRO Only)

Hikvision's 'security code' feature has been cracked and a program generating security codes is being distributed online. IPVM has obtained and tested this program, verifying that it works. Hikvision 'security code' allows unauthenticated users t...

By IPVM Team - 3 months ago

US Army Bans Chinese DJI Drones

(PRO Only)

The US Army has issued a ban on Chinese-made DJI drones. A US Army memo obtained by sUAS News references a classified document from the Army Research Laboratory titles "DJI UAS Technology Threat and User Vulnerabilities".   Inside this note, ...

By Brian Karas - 3 months ago

Dahua Suffers Second Major Vulnerability, Silent [Finally Acknowledges]

(PRO Only)

Less than 3 months ago, Dahua received DHS ICS-CERT's worst score of 10.0 for their backdoor. Now, Dahua has received another 10.0 score for a new vulnerability. Despite that, Dahua has remained silent. In this note, we examine the vulnerability...

By Brian Karas - 4 months ago

Wireless Burglar Alarm Sensors Guide

(PRO Only)

Wireless sensors for burglar alarm sensors are an increasingly common option for the historical labor intensive wired alarm systems. However, there are numerous elements and tradeoffs involved in using wireless sensors. In this guide, we explain...

By Ari Erenthal - 4 months ago

PR Campaign Exploiting Manufacturer Cybersecurity

(PRO Only)

Manufacturers increasingly have a bulls-eye on their back. As cyber security solutions providers grow, they realize a great way to get publicity for themselves is to maximize coverage of exploits they discover.  In this report, we provide a behi...

By Brian Karas - 4 months ago

Hikvision USA Head of Cybersecurity Exits

(PRO Only)

Hikvision USA's Head of Cybersecurity has exited the company. In this note, we review the move, share Hikvision's feedback and examine the company's efforts to improve their cybersecurity following numerous vulnerabilities and problems (e.g., 1, ...

By Brian Karas - 4 months ago

Wrongly Accused Critical Vulnerability for Vivotek

(PRO Only)

Vulnerabilities are an increasing branding and business problem for video surveillance manufacturers. However, sometimes vulnerabilities reported are not as critical as the reports claim.  Vivotek was recently faced with one but the vulnerability...

By Brian Karas - 4 months ago

Displaying 'Hacking' tags 1 - 25 of 87 in total