Firmware, Surveillance and VPN - Cyber Security Informer

Patch now! Insecure Hikvision security cameras can be taken over remotely

Malwarebytes

SEPTEMBER 22, 2021

In a detailed post on Github , security researcher Watchful_IP describes how he found that the majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical, unauthenticated, remote code execution (RCE) vulnerability, even with the latest firmware. Hangzhou Hikvision Digital Technology Co.,

Firmware

Firmware Surveillance Marketing VPN

Privacy Roundup: Week 9 of Year 2025

Security Boulevard

MARCH 3, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. The surveillance tech waiting for workers as they return to the office ArsTechnica RTO continues to pick up steam. In pursuit of "more productivity," some employers are leaning heavily into surveillance tech.

Surveillance

Surveillance Data breaches Firmware Encryption

Privacy Roundup: Week 7 of Year 2025

Security Boulevard

FEBRUARY 17, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Privacy Services Mullvad has partnered with Obscura VPN Mullvad Mullvad announces its partnership with ObscuraVPN; Mullvad WireGuard VPN servers can be used as the exit hop for the two-party VPN service offered by ObscuraVPN.

Surveillance

Surveillance Data breaches VPN Malware

Security Affairs newsletter Round 175 – News of the week

Security Affairs

AUGUST 12, 2018

Advertising

Advertising DNS Firmware Surveillance

IT threat evolution Q1 2024

SecureList

JUNE 3, 2024

The attackers were able to bypass this hardware-based security protection using another hardware feature of Apple-designed SoCs (System on a Chip): they did this by writing the data, destination address and data hash to unknown hardware registers of the chip that are not used by the firmware.

Banking

Banking Malware Computers and Electronics Mobile

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

They can be made to serve as routers (proxies or VPN servers) to anonymize illicit traffic. Paul has discovered critical vulnerabilities in the firmware and protocols of certain webcam models, and one of the vendors he contacted never even got back to him to discuss remediation. Various ways exist to monetize Illicit access to webcams.

IoT

IoT DDOS Passwords Malware

DNS and Your Privacy: Should you use encrypted DNS?

Security Boulevard

JUNE 19, 2024

Eavesdropping has been has been performed by public and private organizations alike to surveil DNS traffic (and potentially hijack it.) Again, generally, many users use the ISP’s DNS resolvers as it is the "default" and most do not know these can be changed in the browser or on the device/network (hardware/firmware permitting).

DNS

DNS Encryption Firmware Internet

Privacy Roundup: Week 12 of Year 2025

Security Boulevard

MARCH 24, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). They also have appeared to partner with Proton.

Surveillance

Surveillance Telecommunications Data breaches Malware

Privacy Roundup: Week 6 of Year 2025

Security Boulevard

FEBRUARY 10, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Privacy Services Mullvad VPN for Windows on ARM is here! Mullvad Mullvad VPN client is now available for Windows ARM desktops. Malware campaigns covered generally target/affect the end user.

Spyware

Spyware Surveillance Government Data breaches

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

The cyber-offense ecosystem still appears to be shaken by the sudden demise of NSO Group; at the same time, these activities indicate to us that we’ve only seen the tip of the iceberg when it comes to commercial-grade mobile surveillance tooling. One of the major cyber-incidents of 2022 took place early this year: the Okta hack.

Firmware

Firmware Surveillance Mobile Telecommunications

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

On June 3, Check Point published a report about an ongoing surveillance operation targeting a Southeast Asian government, and attributed the malicious activities to a Chinese-speaking threat actor named SharpPanda. The samples we analyzed mimicked various applications such as private messaging, VPN, and media services.

Malware

Malware Government Surveillance Spyware

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

eSecurity Planet

MARCH 4, 2024

The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services. and a medium (CVSS 4.3) level vulnerability.

IoT

IoT Internet Internet Ransomware

Exposed security cameras in Israel and Palestine pose significant risks

Security Affairs

OCTOBER 10, 2023

This would allow them to view live feeds and record footage, which could be used for surveillance, reconnaissance, or gathering sensitive information. A virtual private network (VPN) for remote access is preferred. Keep camera firmware up to date to address security vulnerabilities and improve overall system security.

Risk

Risk Encryption VPN Passwords

Cyber Security Informer

Patch now! Insecure Hikvision security cameras can be taken over remotely

Privacy Roundup: Week 9 of Year 2025

Trending Sources

Privacy Roundup: Week 7 of Year 2025

Security Affairs newsletter Round 175 – News of the week

IT threat evolution Q1 2024

Overview of IoT threats in 2023

DNS and Your Privacy: Should you use encrypted DNS?

Privacy Roundup: Week 12 of Year 2025

Privacy Roundup: Week 6 of Year 2025

Advanced threat predictions for 2023

APT trends report Q3 2021

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

Exposed security cameras in Israel and Palestine pose significant risks

Stay Connected