Hackers find that the device runs with old software
The home monitoring cameras from Dropcam have been found to be vulnerable to a set of attacks that would permit injecting video frames, watch the captured video, and access the sound recording capabilities of the device.
Dropcam equipment prides itself on the security of the recorded content, as it is encrypted on the camera and can be sent securely even over an insecure network.
It has been designed to cover the house monitoring needs by providing a simple way to check what is going on inside a room. This is achieved by sending the recorded video to a Dropcam server, which can stream it on a user’s device.
For security reasons, both the camera and the server have been designed to accept requests only from each other, based on authentication keys and certificates. The developers implemented the perfect forward secrecy crypto feature to secure each session. Full Article