Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

IoT  

Extracting Firmware from Microcontrollers' Onboard Flash Memory, Part 1: Atmel Microcontrollers

As part of our ongoing discussion of hardware hacking for security professionals, this blog covers the Amtel Atmega2561 microcontroller.…

The IoT Cybersecurity Improvement Act of 2019

In this blog post, we will walk through the newly introduced IoT Cybersecurity Improvement Act of 2019 and describe Rapid7's position on it.…

[IoT Security] Introduction to Embedded Hardware Hacking

Many security professionals and researchers are intrigued by the idea of opening up and exploring embedded technologies but aren’t sure where to start.…

Smart Sensors: A Look at Beacon Security

After working on a smart city project, I wanted to share some of my learnings about beacon technology and how to evaluate its security.…

Once a Haxer, Always a Haxor

Like most hackers, I liked to take apart my holiday gifts as a kid. In this blog, I take apart Amazon's voice-controlled microwave oven to see how it works.…

The Nightmare After Christmas

With all the incidents that occurred in 2018, you may feel a bit like a CISO Scrooge. Here's how you can prepare for next year (in poem form!)…

Top Tactics for Researching IoT Technology Security This Holiday Season

As the holiday shopping season kicks off on Black Friday, here's what consumers should do to protect themselves when purchasing and using IoT technology.…

Top 5 Threats Healthcare Organizations Face and How to Combat Them

Looking to protect your healthcare organization from cyber-threats? Here are the top five threats to look out for and tips on how to outsmart attackers.…

Why It’s Critical to Test the Failure State of IoT Products

When considering or testing the security posture of an IoT product’s ecosystem, it is important to take into account how that product handles failure conditions.…

National Cybersecurity Awareness Month: Manage Your Risk at Home with Simple Tweaks to Your Voice-Controlled Devices

Voice-controlled devices can help handle countless tasks in your home, but they still come with some risk. Use these tactics to boost their security.…

Putting Pen (Tests) to Paper: Lessons and Learnings from Rapid7’s Annual Mega-Hackathon

Rapid7's Mega-Hackathon offers a unique chance to go beyond the data and get a feel for what pen testers are like in their natural habitat.…

Lessons and Takeaways from CTIA’s Recently Released IoT Security Certification Program

The CTIA recently announced a new cybersecurity certification program for cellular- and Wi-Fi-connected IoT devices. Here is my high-level overview of this program.…

Enhancing IoT Security Through Research Partnerships

Securing IoT devices requires a proactive security approach to test both devices and the IoT product ecosystem. To accomplish this, consider setting up a research partnership.…

Communicating IoT Security Update Capability

What is the essential information that manufacturers should communicate to consumers about security updates for Internet of Things (IoT) devices?…

Security Impact of Easily Accessible UART on IoT Technology

When it comes to securing IoT devices, it’s important to know that Universal Asynchronous Receiver Transmitter (UART) ports are often the keys to the kingdom for device analysis when you have physical access. For example, as part of ongoing security research and testing projects…