Maybe this is another bad coincidence. Shortly after my findings regarding the quite insecure ALDI / MAGINON web cameras, Rapid7 informs about IoT security issues, especially about 10 New Vulnerabilities for Several Video Baby Monitors.
There is nothing to add to this scary report except that this is just again another example of incompetent developers, IT and quality assurance departments of ‘well known’ companies. I hope all of them get fired but maybe they deserve something worse. For instance, that their family or kids get stalked. No – This is something we should not wish to anybody. This would be wrong. But they didn’t seem to care about your family and privacy.
To check your own devices, I just updated the default password database of NetworkToolbox accordingly.
Don’t trust the evil!
P.S. NetworkToolbox now has it’s own dedicated Facebook page.