Dahua Security Camera Vulnerability

Dahua has taken this seriously. Surprise Surprise.

Backdoor Disclosure here

Dahua Security Bulletin here

I need to get my ass back in Shodan. I miss the hunt


Recovery Masters




WikiLeaks Vault7

Vault 7: CIA Hacking Tools Revealed

Lots of good reading here: wikileaks.org/ciav7p1

Some highlights of interest:

Weeping Angel- The Overlords of Smart TVs and Smart Phones Embedded Devices Branch

Malware designed to take over Microsoft, Linux, OsX and Routers Automated Implant Branch

Malware designed to take over and infect Mobile Devices Mobile Devices Branch

Center for Cyber Intelligence Org Chart

Appears to me CIA needs to do a checking of their own house 🙂


Happy Digging

Recovery Masters


FTC – IoT Home Inspector Challenge

IoT Home Inspector Challenge

So the FTC wants someone to “create” a tool that can protect consumers from vulnerabilities in IoT devices.

Here is a snippet on the criteria required:

  • Submissions must provide a technical solution, rather than a policy or legal solution.
  • The tool must work on home IoT devices that currently exist on the market.
  • The tool must protect information it collects both in transit and at rest.
  • The Submission must address how the tool will avoid or mitigate any additional security risks that the tool itself might introduce into the consumer’s home by, for example, probing the home network or facilitating software upgrades.

There are thousands of different I0T device types, vendors, Companies, etc. How is this going to be feasible with such a broad scope of devices?

Prize is up to $25k with $3k going to honorable mentions.

Give it a whirl would ya. Submissions are due by May 22nd 2017.