Category: Uncategorized

Webcams allowing anyone to spy on you by Trendnet, dlink, and airnet

Author wefightforsecurityPosted on December 1, 2017December 1, 2017Categories Uncategorized

Webcams are always a good Christmas gift, so it’s always good to know which ones let other people spy on you.  The following allow people to control your webcam, and watch your every movement. Their is no password in place, the video is simply published to a url anyone can access and easily find on a site called shodan by looking up a search we will provide later on in the post.

The Trendnet advanced pan and tilt internet camera server TV-IP400  is one of these cameras that publishes everything you do and shodan indexes it. The skyipcam250w is by airlink101.com, nonetheless it also let’s anyone in the world spy on you and your family. Let’s not forget the Dlink Dcs‑900 Internet Camera, which also allows anyone to watch you.

 

These three cameras all have something in common, they use the camera web server 1.0 whose author may be a Mr. Steven Wu, since his name shows up as author along with every use of the camera web server 1.0. Whether there is a way to password these devices is not known to us, what is known to us is that your home is currently under the control of anyone who has access to the internet. The fact that these devices use camera web server 1.0 and the author name is Steven Wu, makes it easy for people to search and watch these users via shodan, by entering the relevant information. We believe you should disconnect your webcam if you own any of the above listed nor do we think these would make good Christmas presents for people you like.

 

This is the first out of 25 articles we are releasing this month on flaws, unknown exploits, and security vulnerabilities. We believe Christmas should be a time to also strengthen your security and make smart decisions on what you let into your house.

 

Security & SEO Podcast episode 2

Author wefightforsecurityPosted on November 21, 2017November 21, 2017Categories first page google, podcast, UncategorizedTags , , , , , , , , , ,

 

What happens if you only focus on SEO and do really well, but don’t focus on security? You get hacked and lose tens of thousands of dollars or if you don’t have a team who works quickly on SEO and security, you could go out of business. We cover how 46 million phones were hacked in Malaysia and a lot more of interesting topics, including our black Friday sale.

Black Friday & Cyber Monday SEO & Internet Security Sale The Rest Of November!

Author wefightforsecurityPosted on November 21, 2017Categories Uncategorized

Black friday and Cyber Monday are great times to get what you need and want at low prices, but we believe it shouldn’t just be two days that these sales happen, at least not for us. We are giving you low prices for the rest of this month on all of our services and products.

Our Monthly automated services are 50 percent off from 20 dollars a month to ten dollars a month. Our SEO services went from 800 dollars a month to 500 dollars a month. Also our security audit went from 2000 dollars to 1500 dollars. All prices will be going back to normal in December, so this is a deal you don’t want to miss out on.

Planet Zuda Cyber Security And SEO podcast: Episode 1

Author wefightforsecurityPosted on November 10, 2017November 10, 2017Categories cyber security, information security, podcast, seo, Uncategorized, wordpress securityTags , , , , , , , , , , , ,

In this episode, we discuss security data breaches, how flawed a lot of open source programs are with security, especially one person WordPress plugins. We also covered cionews.com, Yoast SEO, On The Go Systems premium plugin WPML and plenty more.

Google dorks — What are they and do Google Dorks hurt my business?

Author wefightforsecurityPosted on October 10, 2017October 10, 2017Categories Uncategorized

Google dorks, many have heard of them but few know what they are. Do Google dorks hurt my website? That depends on your website, but let’s first breakdown what they are.

 

Google dorks is simply a way to refer to a refined Google search using special built-in Google features like inurl:crazy or intext:crazy or “crazy” – insane. We will now break down each one and what it does. If you did a search inurl:crazy it will return results for all urls with crazy in them and if you do a search for intext:crazy, it will return all meta descriptions and other text it detects and displays with crazy in it. The third example is the best one, because that will only show you results for the word crazy, but not if the word insane is in  the title or description.

 

How can Google dorks  hurt my website or get it hacked?

Certain files are easy to find using Google dorks, we’ve been able to view web hosts databases, electric grids, things you wouldn’t imagine are connected to the internet. We aren’t going into what Shodan is today, but let’s just say this is  nothing compared to what you can find using Shodan.

We viewed one of John McAfee’s companies using google dorks and discovering a vulnerability that impacted their security. We reported it to Mcafee and the developers of the product and it was fixed. We do find it humorous that John says he loves hackers to hack him, because he gets attacked first with the newest attacks, when this issue has been known since the early 2000’s. In McAfee’s  defense his company didn’t write the code for this software, they simply were using it without a security audit of the code.

With Google dorks, you never access the website, that is if you are smart. Instead, you go to Google cache and anything that happens is indexed by Google and on Google’s domain, so you are viewing a copy of a website that Google hosts. If you go beyond viewing, then you may be in trouble.

Google dorks are powerful and can find all sorts of things that shouldn’t be openly accessible to the web, but for some reason are.

So, are you vulnerable to Google dorks? Hire us and you will find out so much more, like if you are vulnerable to SQL injections, XSS, CSRF, etc.