Hacking (132)

Displaying 'Hacking' tags 51 - 75 of 132 in total

Vivotek Remote Stack Overflow Vulnerability

(Member Only)

A stack overflow vulnerability in Vivotek cameras has been discovered by bashis, the security researcher who has also found vulnerabilities in cameras from Axis and Dahua, among other brands. The vulnerability is very easy to exploit, and opens up...

By Brian Karas - over 3 years ago

WSJ Investigates Hikvision

The Wall Street Journal (WSJ) has released a detailed investigation into Hikvision's government ownership and cybersecurity problems, hitting the paper's front page. Given the WSJ's global readership (42 million monthly readers, 2+ million...

By John Honovich - over 3 years ago

Hikvision Admits Backdoor 'PR Issue'

(Member Only)

Hikvision is admitting a problem. The backdoor itself is evidently not the problem for them. The problem, according to Hikvision, is a public relations issue, as their new Cybersecurity Director / spokesperson Chuck Davis [link no longer...

By John Honovich - over 3 years ago

Uniview Recorder Backdoor Examined

(Member Only)

A Chinese research group has identified a vulnerability in Uniview recorders that allows backdoor access in a method similar to the Dahua backdoor. IPVM spoke with the researcher behind the discovery and Uniview to determine the severity and...

By Brian Karas - over 3 years ago

Dahua Trying, Struggling To Respond To Hacking Attacks

(Member Only)

Now, 2 weeks since large-scale hacking attacks commenced against Dahua vulnerable devices, we analyze Dahua's response. On the positive side, Dahua is clearly trying to respond, providing information and help to those impacted. However, Dahua is...

By Brian Karas - over 3 years ago

Hikvision USA Misleads Dealers On Backdoor

Hikvision USA emailed their dealers overnight with their 5th cyber security 'special bulletin' of the year. Misleading Unfortunately, they have misled their dealers by omitting critical information: Details of how to exploit the...

By John Honovich - over 3 years ago

FLIR Thermal Camera Multiple Vulnerabilities, Patch Released

(Member Only)

Multiple cyber security vulnerabilities exist in FLIR thermal cameras, which have not been fixed, despite being reported months ago. UPDATE- FLIR has released patches, which are covered in this report. In this note, we examine the...

By Brian Karas - over 3 years ago

Dahua Recorders Mass Hacked

Dahua recorders are being hacked and vandalized around the world, as confirmed by dozens of reports to IPVM since the attacks surged 5 days ago. Key points: If you have Dahua recorders and you port forwarded it (as they unfortunately...

By IPVM Team - over 3 years ago

Hikvision Backdoor Exploit

Full disclosure to the Hikvision backdoor has been released, allowing easy exploit of vulnerable Hikvision IP cameras. As the researcher, Monte Crypto, who disclosed the details confirmed, this is: a backdoor that allows unauthenticated...

By IPVM Team - almost 4 years ago

Fortune 500 Company Bars Dahua and Hikvision

A Fortune 500 company has barred Dahua and Hikvision cameras from a large RFP due to cyber security concerns, IPVM has confirmed with the company. In this note, we examine the reasons, Dahua and Hikvision's cyber security issues, and why this is...

By IPVM Team - almost 4 years ago

Security Press Wrong About New NY State Video Law

SecurityInfoWatch wrongly declared: N.Y. governor signs bill outlawing video surveillance of neighbors [link no longer available] SDM wrongly affirmed: It is now illegal to make unauthorized video surveillance recordings of a neighbor’s backyard...

By John Honovich - almost 4 years ago

Hikvision Happy With Bad Security Unless Hit With Bad Press

Hikvision is happy to have bad cyber security unless they are hit with bad press, as we detail inside. When you look at the pattern of their behavior, it is clear that anyone concerned about cyber security is taking significant risks with...

By John Honovich - almost 4 years ago

‘Experts' Fail On Dumbo IP Camera ‘Hack'

(Member Only)

Dumbo, revealed by Wikileaks, has become big news. Unfortunately, 'experts' in the security industry have gotten it wrong, incorrectly contending that Dumbo hacks IP cameras. In this report, we examine Dumbo, the erroneous claims and the impact...

By Brian Karas - almost 4 years ago

Avigilon CEO Attacks Asian Companies Cyber Insecurity

(Member Only)

Avigilon CEO is taking aim at their Asian competitors. And he is going directly after these company's cyber security issues. In this note, we examine his claim, analyze its accuracy and examine how this fits in a broader pattern of Western...

By IPVM Team - almost 4 years ago

Hikvision Responds To Cracked Security Codes

(Member Only)

Hikvision has responded to IPVM's report on Hikvision's security code being cracked, both with a 2 page update to dealers and communication directly with IPVM. In this note, we examine Hikvision's response, evaluating the positive and negative...

By Brian Karas - almost 4 years ago

Hikvision Security Code Cracked

(Member Only)

Hikvision's 'security code' feature has been cracked and a program generating security codes is being distributed online. IPVM has obtained and tested this program, verifying that it works. Hikvision 'security code' allows unauthenticated users...

By IPVM Team - almost 4 years ago

US Army Bans Chinese DJI Drones

(Member Only)

The US Army has issued a ban on Chinese-made DJI drones. A US Army memo obtained by sUAS News references a classified document from the Army Research Laboratory titles "DJI UAS Technology Threat and User Vulnerabilities".   Inside this note,...

By Brian Karas - almost 4 years ago

Wireless Burglar Alarm Sensors Guide

(Member Only)

Wireless sensors for burglar alarm sensors are an increasingly common option for the historical labor intensive wired alarm systems. However, there are numerous elements and tradeoffs involved in using wireless sensors. In this guide, we explain...

By Ari Erenthal - almost 4 years ago

Devil's Ivy PR Campaign Exploiting Manufacturer Cybersecurity

Manufacturers increasingly have a bulls-eye on their back. As cyber security solutions providers grow, they realize a great way to get publicity for themselves is to maximize coverage of exploits they discover.  In this report, we provide a...

By IPVM Team - almost 4 years ago

Hikvision USA Head of Cybersecurity Exits

(Member Only)

Hikvision USA's Head of Cybersecurity has exited the company. In this note, we review the move, share Hikvision's feedback and examine the company's efforts to improve their cybersecurity following numerous vulnerabilities and problems (e.g., 1,...

By Brian Karas - almost 4 years ago

Wrongly Accused Critical Vulnerability for Vivotek

(Member Only)

Vulnerabilities are an increasing branding and business problem for video surveillance manufacturers. However, sometimes vulnerabilities reported are not as critical as the reports claim.  Vivotek was recently faced with one but the vulnerability...

By Brian Karas - almost 4 years ago

ONVIF Chairman Criticizes Low Cost Cameras (Also, He Works At Axis)

(Member Only)

ONVIF Chairman Per Björkdahl [link no longer available] has taken a strong public stance against low cost cameras that are 'much more vulnerable to attack' as he explains in this Source Security 'roundtable': This is fascinating on a number of...

By John Honovich - almost 4 years ago

Smartcard Copier Tested (13.56MHz)

(Member Only)

Copying 125kHz cards is certainly easy, as our test results showed, but how about 13.56MHz smart cards? Are they more secure? IPVM focused on the risk of Hacking Your Access Control With This $30 HID 125kHz Card Copier, but are more advanced...

By Brian Rhodes - almost 4 years ago

No Hack, Still Liable, Court Finds ADT

(Member Only)

Recently, ADT has been in the news for a $16 million settlement for a cyber security vulnerability class action suit. One of the most important and interesting points behind this settlement is a court order that found ADT could be found liable...

By IPVM Team - almost 4 years ago

Displaying 'Hacking' tags 51 - 75 of 132 in total