Skip to main content

Logitech Circle 2 Security Webcam has gone Offline (SOLVED)

In November 2022, I realized that my webcam had stopped working. I took it down from above my door mount in order to troubleshoot closely. The unit would power on with a steady white lighting around the front but I was used to seeing green. When I press the button to reset it, it would reboot and start flashing different coloured lights but when I release the button, all lighting would stop.     I looked at Logitech’s support site to find out how to properly reset it. It was simply to hold the button a few seconds until lights start blinking, which is what I have been doing. I had the wired model so I plugged in the unit via USB to my Windows computer to attempt to connect to it. I had a hunch that there was a firmware update that it automatically tried to download and run, and that update caused this. I was right. A few other users on the Logitech forums reported the same symptoms I was experiencing with my Circle 2 webcam. Here was one specific post that I responded to: https://suppo

Cleaning Code-Injection Malware on Thanksgiving Weekend

I just finished removing a code-injected malware that blacklisted a website with security providers like Google and Symantec, and it had to be on this Thanksgiving Long Weekend. Nothing makes me more sick that having to deal with this type of cleanup but it has to be done. Our whole household is already sick with cough and flu so this adds to the fun.

I noticed the infection by constant emails from my service provider that my quota was getting exceeded. I know the site is popular but couldn’t be that popular. When I tried to get to the site using Google Chrome browser, I received a ominous red splash screen letting me know that there is malware on the site and that I should only continue if I understood the risks. Fortunately, I had the site registered with Google Webmaster Tools and was able to get a sample of the suspicious code injection. I also ran http://killmalware.com/, http://www.siteadvisor.com/sites/aminsolutions.com, and http://sitecheck.sucuri.net/ against the website to advise me what other sites see as a baseline prior to cleaning up the malware. This is what I had to do, without too much detail so that the hackers aren’t wise to the exact solutions:

• Put the site into maintenance mode, displaying a friendly reminder to clients that this is scheduled;
• If using CMS, update the platform to the latest version, including all security patches;
• Register the website with Google Webmaster Tools to have it tell you what and possibly where the code-injection malware is on the site;
• Search the web site’s file system for the sample malware code snippet returned by Google Webmaster Tools. Sometimes, it is easier to use Notepad++ to search through contents of every file so do this after downloading a copy of the entire web site locally to your computer. If hosted on the cloud, use your favorite FTP client like CoreFTP to download the contents;
• After finding the code-injected malware, remove the malicious code;
• Make sure you prevent future code-injections by following Google’s write-up here https://support.google.com/webmasters/answer/3024344. Specifically look for malicious code that’s obfuscated to avoid detection, e.g. eval (base64 decode);
• Get Google Webmaster Tools to re-review the site to ensure the malware has been removed. Make sure you configure the preferences to email you of any future malware attacks on the site;
• Run http://killmalware.com/, http://www.siteadvisor.com/sites/aminsolutions.com, and http://sitecheck.sucuri.net/ against the website to ensure it passes all the tests.
• After tests pass, deactivate maintenance mode on the website to open it back up to customers.

Gobble gobble gobble. That’s how you serve this turkey to dinner.

Comments

Popular posts from this blog

Wall of Graduates from the AI Product Manager Nanodegree

The "Wall of Graduates" is a Google sites page showing a profile list of students who graduated from the Udacity AI Product Manager nanodegree. We were asked two questions to include in our profile and there are those two questions.  What obstacles (big or small!) did you face during Phase 2 & how did you overcome them?    I think the biggest was time constraint. I was also doing my Georgia Tech course in the spring and this fell on the same timeline. The other obstacle is that the course material was not technical but more for product managers. This meant a lot of time was spent networking in slack participating community-driven initiatives. I did learn Artificial Intelligence concepts but it didn't need to last from December 2020-December 2021.  How are you making use of your newfound skills?  I don't use AI at work but it has allowed me to open my eyes to possibilities. We recently implemented MS Azure Cognitive service utilizing text translation. Although not

60 Days of Udacity: A Bertelsmann Technology Scholarship in AI

I applied and was recently awarded the Bertelsmann Technology scholarship where a group of students take part in an Artificial Intelligence track made up of 5 parts to be completed in 3.5 months.    As part of taking the class, we have to take part in a slack channel where we post our daily studies for 60 days reflecting on what we have learned. This is a transcription of those 60 days. The public github wiki is located here https://github.com/chromilo/udacity-bertelsmann-scholarship/wiki  Day 1:  I am in p3  (Datasets) doing the xray annotation project. I have created the appen job using the "Image Categorization" template. I uploaded the xray image data and modified the CML to make the  questions specific to checking for pnemonia. Also updated the Examples section. I am still working out the usage of conditional only-if in checkboxes to determine what other smarts to include when annotators go through the page. Created one Question so far and will continue working on the ot

One of the more underappreciated AWS service

The most under-appreciated AWS service is the AWS Certificate Manager (ACM). This service provides SSL/TLS certificate for your custom domain as long as you subscribe to any ACM-integrated service like Elastic Cache or Cloudfront.  I had been using Wordpress to host my website https://aminsolutions.com for some time on a free web hosting provider. In order to provide SSL/TLS web encryption, I would have to buy a public certificate from an SSL provider and have that in front of my Wordpress content management web site. I found there were many limitations with that including installation of a public certificate on a free webhost subscription.  I would have had to start a paid web host subscription and in order to install a paid public certificate on a Wordpress website that wasn't getting a lot of hits. Regardless, it had to be secured via SSL web encryption so this is where AWS Cloudfront came in. Using AWS Cloudfront integrated with ACM, I can get a free public SSL web certificate