Hackers Can Access Dahua Security Cameras Through Vulnerabilities

Researchers have uncovered a security flaw that could be used by remote hackers to alter the timestamp of videos recorded by Dahua security cameras. This vulnerability, known as CVE-2022-30564, was discovered last year by Redinent Innovations, an India-based CCTV and IoT cybersecurity company. Both Dahua and Redinent have released advisories about the vulnerability. Redinent has rated the flaw as high severity, while Dahua has given it a 5.3 CVSS score, which is considered medium severity. According to Dahua, the vulnerability affects several types of cameras and video recorders, such as IPC, SD, NVR, and XVR products. An attacker can exploit the vulnerability by sending a specially crafted packet to the device, which will modify the system time. Redinent has stated that there are thousands of internet-exposed cameras that can be targeted directly by hackers, and exploitation from the local network is also possible. The attacker must have knowledge of an API's parameters in order to exploit the vulnerability. It is likely that this vulnerability will be used in highly targeted attacks to tamper with evidence, rather than for cybercrime operations. Dahua was informed of the issue in the fall of 2022 and has released patches for each of the affected devices. In December, Redinent also disclosed a vulnerability in Hikvision wireless bridges, which could lead to remote CCTV hacking.

This Cyber News was published on www.securityweek.com. Publication date: Thu, 09 Feb 2023 13:39:02 +0000


Cyber News related to Hackers Can Access Dahua Security Cameras Through Vulnerabilities

Home Security Cameras: Keeping an Eye on Your World - As technology advances, home security cameras have become a popular option for households seeking to increase their protection. This article will explore the various types of home security cameras available, the advantages they provide, and factors ...
10 months ago Securityzap.com
How to protect IP surveillance cameras from Wi-Fi jamming - Gone are the days of criminals cutting camera wires to evade detection: with the proliferation of affordable internet-connected cameras, burglars must resort to Wi-Fi jamming. Blocking the signal blinds the device and stalls home and business ...
6 months ago Helpnetsecurity.com
Hackers Can Access Dahua Security Cameras Through Vulnerabilities - Researchers have uncovered a security flaw that could be used by remote hackers to alter the timestamp of videos recorded by Dahua security cameras. This vulnerability, known as CVE-2022-30564, was discovered last year by Redinent Innovations, an ...
1 year ago Securityweek.com
Security Concerns Arise Over Chinese-Manufactured Surveillance Cameras Deployed at Romanian Military Locations - A routine procurement made by the Romanian military on January 16 for surveillance equipment manufactured in China has sparked concerns regarding national security implications. Valued at under $1,000, an employee of the Romanian Defense Ministry ...
7 months ago Cysecurity.news
San Francisco Police's Live Surveillance Yields Almost 200 Hours of Spying-Including of Music Festivals - A new report reveals that in just three months, from July 1 to September 30, 2023, the San Francisco Police Department racked up 193 hours and 19 minutes of live access to non-city surveillance cameras. That means for the equivalent of 8 days, police ...
9 months ago Eff.org
CVE-2019-3948 - The Amcrest IP2M-841B V2.520.AC00.18.R, Dahua IPC-XXBXX V2.622.0000000.9.R, Dahua IPC HX5X3X and HX4X3X V2.800.0000008.0.R, Dahua DH-IPC HX883X and DH-IPC-HX863X V2.622.0000000.7.R, Dahua DH-SD4XXXXX V2.623.0000000.7.R, Dahua DH-SD5XXXXX ...
4 years ago
Ukraine says Russia hacked web cameras to spy on targets in Kyiv - Ukraine's security officers said they took down two online surveillance cameras that were allegedly hacked by Russia to spy on air defense forces and critical infrastructure in Ukraine's capital, Kyiv. The cameras were installed on residential ...
10 months ago Therecord.media
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
1 year ago Hackread.com
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
10 months ago Feeds.dzone.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
11 months ago Microsoft.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
1 month ago Helpnetsecurity.com
10 Best Security Service Edge Solutions - Security Service Edge is an idea in cybersecurity that shows how network security has changed over time. With a focus on customized solutions, Security Service Edge Solutions leverages its expertise in multiple programming languages, frameworks, and ...
9 months ago Cybersecuritynews.com
The First 10 Days of a vCISO’S Journey with a New Client - Cyber Defense Magazine - During this period, the vCISO conducts a comprehensive assessment to identify vulnerabilities, engages with key stakeholders to align security efforts with business objectives, and develops a strategic roadmap to prioritize actions and resources. If ...
1 month ago Cyberdefensemagazine.com
Russia Spies on Kyiv Defenses via Hacked Cameras Before Missile Strike - Russian intelligence hacked online surveillance cameras to spy on air defense activities and critical infrastructure in Kyiv ahead of recent missile strikes, the Security Service of Ukraine has revealed. The Kremlin was able to remotely control two ...
10 months ago Infosecurity-magazine.com
What Is Cloud Security Management? Types & Strategies - Cloud security management is the process of safeguarding cloud data and operations from attacks and vulnerabilities through a set of cloud strategies, tools, and practices. The cloud security manager and the IT team are generally responsible for ...
5 months ago Esecurityplanet.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
8 months ago Esecurityplanet.com
A Practitioner's Guide to Security-First Design - Instead, organizations must proactively fortify their defenses and enter the era of security-first design - an avant-garde approach that transcends traditional security measures. Security-first design is an approach that emphasizes integrating robust ...
10 months ago Feeds.dzone.com
Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware - Transitioning to memory-safe languages: Challenges and considerationsIn this Help Net Security interview, Omkhar Arasaratnam, General Manager at the Open Source Security Foundation, discusses the evolution of memory-safe programming languages and ...
7 months ago Helpnetsecurity.com
Five business use cases for evaluating Azure Virtual WAN security solutions - To help organizations who are evaluating security solutions to protect their Virtual WAN deployments, this article considers five business use cases and explains how Check Point enhances and complements Azure security with its best-of-breed, ...
5 months ago Blog.checkpoint.com
Holiday Hackers: How to Safeguard Your Service Desk - Hackers really don't take holidays, but they will take advantage of them. Many of these cyberattacks will zero in on the service or help desk to gain entry into network systems. Recovering accounts because of forgotten passwords is one of the ...
11 months ago Bleepingcomputer.com
IaaS vs PaaS vs SaaS Security: Which Is Most Secure? - Security concerns include data protection, network security, identity and access management, and physical security. While IaaS gives complete control and accountability, PaaS strikes a compromise between control and simplicity, and SaaS provides a ...
10 months ago Esecurityplanet.com
Cyber Security News Weekly Round-Up - The weekly cybersecurity news wrap-up provides readers with the latest information on emerging risks, vulnerabilities, ways to reduce them, and harmful schemes to help make defensive measures proactive. According to recent findings from Morphisec ...
6 months ago Cybersecuritynews.com
Optimizing Cybersecurity: How Hackers Use Golang Source Code Interpreter to Evade Detection - Hackers have been upping the stakes when it comes to executing cyberattacks, and an increasingly popular tool in their arsenal is the Golang source code interpreter. Reportedly, the interpreter is used to obfuscate code, thus making it harder for ...
1 year ago Bleepingcomputer.com
Critical Security Vulnerabilities - What You Need to Know - Recent days have seen an alarming rise in the number of security vulnerabilities in computers, networks and other systems. Such vulnerabilities can be exploited by hackers and malicious software to gain access to confidential data and to potentially ...
1 year ago Thehackernews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)