3 min
IoT
Privacy, Security, and Connected Devices: Key Takeaways From CES 2024
The topic of data privacy has become so relevant in our age of smart technology.
With everything becoming connected, including our homes, workplaces, cities, and
even our cars, those who develop this technology are obligated to identify
consumers' expectations for privacy and then find the best ways to meet those
expectations. This of course includes determining how to best secure the data
with which these technologies interact. As you can imagine, accomplishing these
requirements is no easy fea
6 min
IoT
Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities
Rapid7, Inc. (Rapid7) discovered vulnerabilities in Aladdin Connect retrofit kit garage door opener and Android mobile application produced by Genie.
3 min
IoT
Is That Smart Home Technology Secure? Here’s How You Can Find Out.
I can’t tell you which solution will work for your specific case, but I can give you some pointers around technology security.
2 min
Research
Poorly Purged Medical Devices Present Security Concerns After Sale on Secondary Market
In Security Implications from Improper De-acquisition of Medical Infusion Pumps Rapid7 performs a physical and technical teardown of more than a dozen medical infusion pumps.
2 min
IoT
Understanding the Ecosystem of Smart Cities for the Purpose of Security Testing
A look at the various components that make up Smart Cities with the goal of having a model to help better understand the various security concerns as we plan for our Smart City future.
5 min
IoT
Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 4
Welcome back to our blog series on Rapid7's IoT Village exercise from DEF CON 30. In this post, we'll cover how to gain root access over the device's secure shell protocol (SSH).
6 min
IoT
Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 3
Welcome back to our blog series on Rapid7's IoT Village exercise from DEF CON 30. In this post, we'll cover how to modify the data we've extracted.
5 min
IoT
Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 2
Welcome back to our blog series on Rapid7's IoT Village exercise from DEF CON 30. Last week, we covered the basics of the exercise and achieving access to flash memory. In this post, we'll cover how to extract partition data.
5 min
IoT
Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Part 1
Rapid7 returned to DEF CON 30 and participated at the IoT Village with another hands-on hardware hacking exercise.
7 min
Vulnerability Disclosure
Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)
Rapid7 discovered vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare.
3 min
Research
Evaluating the Security of an Enterprise IoT Deployment at Domino's Pizza
Recently, I had a great opportunity to work with Domino's Pizza to evaluate an internally conceived Internet of Things (IoT)-based business solution.
8 min
Research
Lessons in IoT Hacking: How to Dead-Bug a BGA Flash Memory Chip
In this post, we cover how to dead-bug a flash memory chip to help aid your IoT hacking research.
3 min
Ransomware
Is the Internet of Things the Next Ransomware Target?
What would it take for IoT to be the target of ransomware? This post takes a closer look.
6 min
IoT
A Quick Look at CES 2022
The first thing I noticed about CES 2022 was COVID’s impact on the event, which was more than just attendance size.
6 min
IoT
Hands-On IoT Hacking: Rapid7 at DefCon 29 IoT Village, Part 4
In this final post, we'll discuss how to gain full root access and successfully complete this exercise in IoT hacking.