• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Sony IP Cam Backdoors – Daily Security Byte

December 7, 2016 By Corey Nachreiner

Researchers found two hard-coded accounts and passwords in a large range of Sony’s IP-based security cameras. Attackers with access to these cameras’ web interface could use these credentials to take over the camera, even forcing access to a command line (CLI) interface. With botnets like Mirai actively looking for new victims, these sorts of IoT backdoors could but your IP-based cameras at risk. Watch our Daily Security Byte for the highlights, and if you own vulnerable cameras be sure to check out the firmware updates in the Reference section below.

Episode Runtime: 1:42

Direct YouTube Link: https://www.youtube.com/watch?v=zOKrbBnrzPU

EPISODE REFERENCES:

  • SEC Consult’s official advisory – SEC Consult
  • Secret backdoor in 80 models of Sony’s IP security camera – The Register
  • Blog post detailing Sony IPELA cam backdoor – SEC Consult
  • Sony’s firmware updates for affected IP security cameras – Sony

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: Software vulnerabilities

Comments

  1. Alex Jones says

    December 7, 2016 at 11:07 am

    Sadly, hard coded credentials is shockingly common for all sorts of internet enabled devices. This is far from the first device with hard coded credentials, and it is far from the last as well.

    the one upside in this case is that Sony updated the firmware quickly and a fix is already available.

    Reply
    • Corey Nachreiner says

      December 8, 2016 at 10:55 am

      I would hope that “secret” hard-coded accounts and credentials aren’t as common as you suggest. I do agree that default passwords, without mechanisms to force new users to change them immediately, are shockingly common… and that is a problem in itself (usually attackers take advantage of default known accounts and credentials. However, to have an undocumented, highly privilege account hidden on your device (accidentally or not) is even worse. If this is common, we should not accept it.

      By the way, like you I do think Sony at least reacted to and fixed this issue quickly once they knew about it.

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • 3CX Supply Chain Attack
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use