Year: 2017

Webcams allowing anyone to spy on you by Trendnet, dlink, and airnet

Author wefightforsecurityPosted on December 1, 2017December 1, 2017Categories Uncategorized

Webcams are always a good Christmas gift, so it’s always good to know which ones let other people spy on you.  The following allow people to control your webcam, and watch your every movement. Their is no password in place, the video is simply published to a url anyone can access and easily find on a site called shodan by looking up a search we will provide later on in the post.

The Trendnet advanced pan and tilt internet camera server TV-IP400  is one of these cameras that publishes everything you do and shodan indexes it. The skyipcam250w is by airlink101.com, nonetheless it also let’s anyone in the world spy on you and your family. Let’s not forget the Dlink Dcs‑900 Internet Camera, which also allows anyone to watch you.

 

These three cameras all have something in common, they use the camera web server 1.0 whose author may be a Mr. Steven Wu, since his name shows up as author along with every use of the camera web server 1.0. Whether there is a way to password these devices is not known to us, what is known to us is that your home is currently under the control of anyone who has access to the internet. The fact that these devices use camera web server 1.0 and the author name is Steven Wu, makes it easy for people to search and watch these users via shodan, by entering the relevant information. We believe you should disconnect your webcam if you own any of the above listed nor do we think these would make good Christmas presents for people you like.

 

This is the first out of 25 articles we are releasing this month on flaws, unknown exploits, and security vulnerabilities. We believe Christmas should be a time to also strengthen your security and make smart decisions on what you let into your house.

 

Security & SEO Podcast episode 2

Author wefightforsecurityPosted on November 21, 2017November 21, 2017Categories first page google, podcast, UncategorizedTags , , , , , , , , , ,

 

What happens if you only focus on SEO and do really well, but don’t focus on security? You get hacked and lose tens of thousands of dollars or if you don’t have a team who works quickly on SEO and security, you could go out of business. We cover how 46 million phones were hacked in Malaysia and a lot more of interesting topics, including our black Friday sale.

Black Friday & Cyber Monday SEO & Internet Security Sale The Rest Of November!

Author wefightforsecurityPosted on November 21, 2017Categories Uncategorized

Black friday and Cyber Monday are great times to get what you need and want at low prices, but we believe it shouldn’t just be two days that these sales happen, at least not for us. We are giving you low prices for the rest of this month on all of our services and products.

Our Monthly automated services are 50 percent off from 20 dollars a month to ten dollars a month. Our SEO services went from 800 dollars a month to 500 dollars a month. Also our security audit went from 2000 dollars to 1500 dollars. All prices will be going back to normal in December, so this is a deal you don’t want to miss out on.

Planet Zuda Cyber Security And SEO podcast: Episode 1

Author wefightforsecurityPosted on November 10, 2017November 10, 2017Categories cyber security, information security, podcast, seo, Uncategorized, wordpress securityTags , , , , , , , , , , , ,

In this episode, we discuss security data breaches, how flawed a lot of open source programs are with security, especially one person WordPress plugins. We also covered cionews.com, Yoast SEO, On The Go Systems premium plugin WPML and plenty more.

Breaking: Domino’s Hacked in 2017 & Late 2016, Criminal Claims

Author wefightforsecurityPosted on October 31, 2017Categories cyber security, information securityTags , , , , , , ,

Dominos pizza logo
Dominos has been hacked, but this is not surprising since we spoke to a criminal who claimed publicly and privately reiterated his claims that he had hacked into Domino’s Venezuala website dominos.com.ve allegedly using a SQL injection, which he publicly announced. We were unable to independently prove the claims by said criminal, since they wouldn’t share where the exploit was that they allegedly used.

Why did the criminal allegedly hack dominos? We do not want to mention the bizarre and insane conspiracy he or she was chasing, but let’s just say this criminal who hacked Domino’s was chasing something that didn’t exist that other news outlets  publicly named over and over in the 2016 U.S election. We have no idea how domino’s fit into their conspiracy theory, except that they sell pizza and the conspiracy theory was partially pizza based.

So, why are we just now writing about a Domino’s hack against Venezulua  that allegedly took place in late 2016? Because Domino’s who we contacted at the time said something to the effect that they would handle it, but now a Domino’s hack against  Australians is  showing a pattern in their security that is too familiar and we believe is unhealthy for their customers.

The 2017 Domino’s hack in Australia is interesting, since Domino’s is saying a third party is at fault due to a rating system that a third party used to manage that leaked customer personal details. This is interesting, because criminals want in your site and they are going to look for the weakest link to get into your site and unfortunately third parties are the most vulnerable when it comes to code.

A company like Domino’s can have a strict security code, but if it doesn’t ensure that their security model is also being used by their third parties and auditing their code, then they enter a security weakness into their threat model. This is a weakness that we take seriously and audit all third party code.

We may be publishing more of what occured in the 2016 domino hack, as this is now relevant information, so please check back as this is a developing news event.