Falha nos dispositivos de segurança doméstica da Guardzilla permite que pessoas de fora vejam vídeos armazenados, dizem pesquisadores

Falha nos dispositivos de segurança doméstica da Guardzilla permite que pessoas de fora vejam vídeos armazenados, dizem pesquisadores: A popular home security device made by Guardzilla contains a security vulnerability that could make it possible for outsiders to access video recordings, according to research published Thursday. Guardzilla’s indoor wireless security system, the GZ501W, contains hardcoded security keys rendered vulnerable by an outdated algorithm that TechCrunch reports is easy to crack. Hackers can use those keys to log on to Guardzilla’s storage servers at Amazon Web Services to access data uploaded by customers, according to the new findings. Researchers from 0DayAllDay released their findings Thursday after notifying Guardzilla to the vulnerabilities in September and receiving no response. [W]e’re publishing this [Thursday], which happens to be right about 60 days after our first disclosure to the vendor of this video camera,” Tod Beardlsey, research director at Rapid7, explained in blog post. Rapid7 was involved in the research. “Unfortunately, despite multiple efforts at coordination with the vendor, we haven’t heard back from …

explicita