How a security researcher is tackling IoT security testing

“A common misconception people in the industry have regarding my work as a security researcher is that I am sharing information that puts businesses at risk. And also, that I spend all day playing,” says Deral Heiland, Research Lead at Rapid7. “In fact, it’s quite the opposite. I am first and foremost sharing knowledge with the manufacturers of the products and technologies to ensure that the products are properly fixed so we all can be …

Unpatched Smart Lighting Flaws Pose IoT Risk to Businesses

Rapid7 has disclosed nine vulnerabilities in Osram Lightify Pro and Home smart lighting products, some of which can be used as a pivot point for remote attacks.

Unpatched Remote Code Execution Flaw Exists in Swagger

Researchers at Rapid7 found a vulnerability in the Swagger Code Generator that could execute arbitrary code embedded in a Swagger document.

Moxa Won’t Patch Publicly Disclosed Flaws Until August

A number of publicly disclosed vulnerabilities in Moxa networking gear won’t be patched until August, if at all, according to ICS-CERT.