Latest updates

IP cameras are affordable and ubiquitous. You can conveniently monitor your home from almost everywhere. However, hundreds of IP cameras are unmaintained and vulnerable to attackers. In the worst case, exposed IP cameras can be misused to locate your physical address.

In this article, we show how attackers may locate your camera’s physical location and provide tips on securing your device.

Do you operate an IP camera, which is connected to the internet? Did you ever check its configuration? Did you check if the device runs the latest firmware? Did you check whether everybody on the internet can access your camera?

In this article, we share several risks coming with unmaintained IP cameras and tips on how you can secure your device.

Each year, “the worst passwords of the year” make it into the news. Passwords like “123456,” “111111,” “querty,” or “password” are always on these lists. If you look at leaked passwords, you quickly realize that passwords are short, non-random, and may have a trailing “!” as the special character. Companies try to get rid of weak passwords by enforcing password rules; however, users find creative ways to bypass these unpopular rules, again using weak passwords.

While countless websites flood the internet with tips to create the “perfect” password, many of them forget about two essentials: Defining a threat model, and keeping credential management as simple as possible.

The Network Time Protocol (NTP) is one of the remaining protocols on the internet without state-of-the-art security. The RFC 8915 “Network Time Security for the Network Time Protocol” tries to change this by proposing cryptographic protection for NTP’s client-server mode. In this article, we use the NTP implementation “NTPsec” and NTS to synchronize the system’s time securely.

How to start your career in information security? Is “hacking” essential? Do you need technical skills? We talk about careers in information security.