all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Neighbourhood Watch - Hikvision Intercom Eavesdropping

Add to bookmarks
Sept. 14, 2023, 8:25 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Exploit network-level vulnerabilities in Hikvision intercom products like a pro!


  <img alt="post featured image" src="https://skylightcyber.comhttps://skylightcyber.com/2023/09/14/neighbourhood-watch%e2%80%93hikvision-intercom-eavesdropping/thumbnail.jpg" />
  <h1><a href="https://skylightcyber.com/#TL-DR" rel="noreferrer" target="_blank" title="TL;DR"></a>TL;DR</h1><p>Hikvision intercom products are vulnerable to several network-level attacks due to ineffective command parsing logic and lack of message-level authentication. Combining a few of these vulnerabilities allows an attacker to gain administrative access to a device in the same network, commonly a building, and covertly open the microphone.</p>


Introduction

Have you ever answered your ringing intercom and thought, “I wonder …

devices eavesdropping exploit hacked hikvision intercom network physical physical security pro products security thought vulnerabilities watch yes

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

ISC Stormcast For Monday, May 6th, 2024 https://isc.sans.edu/podcastdetail/8968, (Mon, May 6th) 2 hours ago | malware.news
topic
Just Launched: Checkmarx AI Security 7 hours ago | malware.news
address ai security appsec area +12
Introducing Real Time IDE Scanning – More Secure Code in Real Time 7 hours ago | malware.news
address code development development teams +14
Introducing AI Security Champion with Auto-remediation for SAST 7 hours ago | malware.news
ai security application applications application security +16
How to Incorporate SAST, DAST, and SCA into the SDLC 19 hours ago | malware.news
application application security application security testing application security testing tools +12
Nslookup's Debug Options, (Sun, May 5th) 21 hours ago | malware.news
debug dns machine may +4
Pay up, or else? – Week in security with Tony Anscombe 1 day, 9 hours ago | malware.news
attack caught dilemma hard +10
Sintesi riepilogativa delle campagne malevole nella settimana del 27 Aprile – 3 Maggio 2024 1 day, 11 hours ago | malware.news
cert con cui dei +2
Malware Simulators cannot test Antivirus Software 1 day, 22 hours ago | malware.news
malware analysis topic

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States
View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)
View on infosec-jobs.com
View more jobs