Posts tagged IoT

4 min Public Policy

Rapid7 urges NIST and NTIA to promote coordinated disclosure processes

Rapid7 has long been a champion of coordinated vulnerability disclosure and handling processes as they play a critical role in both strengthening risk management practices and protecting security researchers. We not only use coordinated disclosure processes in our own vulnerability disclosure [https://www.rapid7.com/security/disclosure/] and receiving activities, but also advocate for broader adoption in industry and in government policies. Building on this, we recently joined forces with other

6 min Vulnerability Disclosure

R7-2016-28: Multiple Eview EV-07S GPS Tracker Vulnerabilities

Seven issues were identified with the Eview EV-07S GPS tracker, which can allow an unauthenticated attacker to identify deployed devices, remotely reset devices, learn GPS location data, and modify GPS data. Those issues are briefly summarized in the table below. These issues were discovered by Deral Heiland of Rapid7, Inc., and this advisory was prepared in accordance with Rapid7's disclosure policy.
Vulnerability Description | R7 ID | CVE | Exploit Vector
Unauthenticated remote factory reset | R7-2016-28

6 min IoT

12 Days of HaXmas: 2016 IoT Research Recap

Merry HaXmas to you! Each year we mark the 12 Days of HaXmas [https://www.rapid7.com/blog/tag/haxmas/] with 12 blog posts on hacking-related topics and roundups from the year. This year, we're highlighting some of the “gifts” we want to give back to the community. And while these gifts may not come wrapped with a bow, we hope you enjoy them. As we close out the end of the year, I find it important to reflect on the IoT vulnerability research conducted during 2016 and what we learned from it. Th

3 min IoT

IoT Security vs Usability

Recently we all have found ourselves talking about the risk and impact of poorly secured IoT technology and who is responsible. Fact is there is enough blame to go around for everyone, but let's not go there. Let us start focusing on solutions that can help secure IoT technology. Usability has been an issue that has plagued us since the beginning of time. As an example, just going back to my youth and seeing my parents' VCR flashing 12:00 all the time. We laugh at that, because it showed us thei

4 min IoT

On the Recent DSL Modem Vulnerabilities

by Tod Beardsley [https://twitter.com/todb] and Bob Rudis [https://twitter.com/hrbrmstr] What's Going On? Early in November, a vulnerability was disclosed affecting Zyxel DSL modems, which are rebranded and distributed to many DSL broadband customers across Europe. Approximately 19 days later, this vulnerability was leveraged in widespread attacks across the Internet, apparently connected with a new round of Mirai botnet activity. If you are a DSL broadband customer, you can check to see if yo

3 min Project Sonar

The Internet of Gas Station Tank Gauges -- Final Take?

In early 2015, HD Moore performed some of the first publicly accessible research related to Internet-connected gas station tank gauges, The Internet of Gas Station Tank Gauges [/2015/01/22/the-internet-of-gas-station-tank-gauges]. Later that same year, I did a follow-up study that probed a little deeper in The Internet of Gas Station Tank Gauges — Take #2 [/2015/11/18/the-internet-of-gas-station-tank-gauges-take-2]. As part of that study, we were attempting to see if the exposure of these devic

2 min IoT

Research Lead (IoT)

It has been an amazing journey serving as the Research Lead for the Internet of Things (IoT) at Rapid7 for the past 10 months. I came into the role with more than a decade of experience as a security penetration tester and nearly 15 years of experience conducting security research across such areas as protocol-based attacks, embedded device exploitation, and web vulnerabilities, so taking on the role as Research Lead for IoT was the next obvious progression for me. Being able to focus on IoT specif

2 min IoT

[Free Tool] IoTSeeker: Find IoT Devices, Check for Default Passwords

So there's this Thing... We need to talk about Things, you and I. Specifically those connected Things. This isn't a weird breakup discussion regarding a relationship you didn't know we had (I hear that's called stalking actually, and is an altogether different type of problem). There may be Things on your network that are harbouring a security issue, and that's not a good place to be either. We can help you track them down (which does bear a slight resemblance to stalking, granted, but we're se

4 min IoT

Mirai FAQ: When IoT Attacks

Update: Following the attack on Dyn back in October, there is some speculation over whether a similar Mirai-style attack could be leveraged to influence the election. This feels like FUD to me; there doesn't seem to be a mechanism to knock out one critical service to kick over enough state and county election websites, Dyn-style, to make such an attack practical. It could potentially be feasible if it turns out that a lot of city, county, and state websites are sharing one unique upstream resour

4 min Research

NCSAM: Independent Research and IoT

October is National Cyber Security Awareness month and Rapid7 is taking this time to celebrate security research. This year, NCSAM coincides with new legal protections for security research under the DMCA and the 30th anniversary of the CFAA - a problematic law that hinders beneficial security research. Throughout the month, we will be sharing content that enhances understanding of what independent security research is, how it benefits the digital ecosystem, and the challenges that researchers f

8 min Vulnerability Disclosure

R7-2016-10: Multiple OSRAM SYLVANIA Osram Lightify Vulnerabilities (CVE-2016-5051 through 5059)

Nine issues affecting the Home or Pro versions of Osram LIGHTIFY were discovered, with the practical exploitation effects ranging from the accidental disclosure of sensitive network configuration information, to persistent cross-site scripting (XSS) on the web management console, to operational command execution on the devices themselves without authentication. The issues are designated in the table below. At the time of this disclosure's publication, the vendor has indicated that all but the la

7 min IoT

Getting a Handle on the [Internet of] Things in the Enterprise

This blog post was written by Bob Rudis, Chief Security Data Scientist and Deral Heiland, Research Lead. Organizations have been participating in the “Internet of Things” (IoT) for years, long before marketers put this new three-letter acronym together. HVAC monitoring/control, badge access, video surveillance systems and more all have had IP connectivity for ages. Today, more systems, processes and (for lack of a more precise word) gizmos are being connected to enterprise networks that fit int

5 min IoT

R7-2016-01: Null Credential on Moxa NPort (CVE-2016-1529)

This advisory was written by the discoverer of the NPort issue, Joakim Kennedy of Rapid7, Inc. Securing legacy hardware is a difficult task, especially when the hardware is being connected in a way that was never initially intended. One way of making legacy hardware more connectable is to use serial servers. The serial server acts as a bridge and allows serial devices to communicate over TCP/IP. The device then appears on the network as a normal network-connected device. This allows for remote

6 min IoT

Smile! You're on Candid APT

Recently IP camera hacking has taken front stage in the news [http://arstechnica.com/security/2016/01/how-to-search-the-internet-of-things-for-photos-of-sleeping-babies/]. Actually, hacking IP cameras is not all that new—it's been around for a number of years—but historically the focus has been related to gaining access to just the video portion of the camera. But with IP cameras being one of the many IoT technologies out there often found to be improperly secured, I figured it was time to look

2 min IoT

CVE-2015-7547: Revenge of Glibc Resolvers

If you've been involved in patch frenzies for any reasonable amount of time, you might remember last year's hullabaloo around GHOST [/2015/01/27/ghost-in-the-machine-is-cve-2015-0235-another-heartbleed], a vulnerability in glibc's gethostbyname() function. Well, another year, another resolver bug. gethostbyname(), meet getaddrinfo() This time, it's an exploitable vulnerability in glibc's getaddrinfo(). Like GHOST, this will affect loads and loads of Linux client and server applications, and lik