Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Mark Stanislav  

R7-2015-27 and R7-2015-24: Fisher-Price Smart Toy® hereO GPS Platform Vulnerabilities (FIXED)

Through our recent publication of numerous security issues of Internet-connected baby monitors, we were able to comprehensively raise awareness of the real-world risks facing those devices. Further, we were able to work with a number of vendors to get key security problems resolved, resulting in…

The IoT Trust Framework: Finally Setting the Bar for IoT Security & Privacy

Since I co-founded BuildItSecure.ly back in February, 2014, I've spent a lot of time thinking through, presenting on, and discussing what is currently wrong with IoT security. Most conversations around this typically lead to the same concerning conclusion -- "why isn't anyone building a…

How to be a Combination King

I recently spent a wonderful week in London to participate in Infosecurity Europe as part of a larger group of internationally-based Rapid7 employees. If you've been to many events, you know that vendors quite often come up with clever ways to attract people to their…

A Primer on IoT Security Research

Over the past couple of years I've dove into Internet of Things (IoT) security research and found it to be a rather fun (and sometimes terrifying) mixture of technologies, [in]delicately woven together to provide for some pretty useful, and not so useful, devices. It's…

OSINT Through Sender Policy Framework (SPF) Records

Having spent a lot of my career managing hundreds of Linux servers at a time, I can honestly say that the part I miss the least is running e-mail services. When you run your own e-mail servers, not only do you have to manage half…