Entries by Chelsea Allen

What’s Up, Doc?

Black Hat 2014 had a roundtable on “Medical Devices Roundtable: Is There a Doctor in the House? Security and Privacy in the Medical World”. Rapid 7’s Jay Radcliffe presented the major issues facing the healthcare industry as it moves in the direction of increasing automation both of information and devices, an expanding surface for all […]

How to Use Nmap on the Pwn Pad

This video demonstrates using nmap on the Pwn Pad, both with the one-touch functionality and from the command-line. The video covers the various adapters that can be used with the Pwn Pad and how to choose which one you are using: tplink, trendnet USB ethernet adapter, the onboard Nexus adapter, or EvilAP. Nmap will ascertain […]

Nest and the Internet of Things

Hundreds of pages could be written about the security state of the Internet of Things (IoT); the tricky thing about embedded devices is that security often seems to be an afterthought. The recent Black Hat conference in Las Vegas touched on IoT security and DEF CON broached the subject as well. In addition to the […]

Your Wi-Fi is Mine

Increasingly, those with evil intentions are targeting personal computers over wireless networks, either by passively monitoring the traffic or by setting up a duplicate network for a “man-in-the-middle” attack. Though people should probably know better by now, Gene Bransfield’s presentation at this year’s DEF CON, “War Kitteh”, demonstrated just how prevalent weak or un-encrypted Wi-Fi […]

How-to Pwnie on YouTube

The Pwnies want you to be able to use our tools to the best of our abilities, so we’re helping! Check out  the new “how-to” series on our YouTube channel to find videos on using Pwnie devices, with many more to come.

Back in Black (Hat)

The Pwnies have come back East after an intense — and amazing — week in Sin City. Seeing the community out in full force is a rare and beautiful thing, and Black Hat and DEF CON are the greatest time to do so. Though a little healthy paranoia goes far in this industry, Pwnie Express […]

Security Pulse of the Company

The heart of any company is the headquarters. Organizations go to great lengths to protect this center of human and security activity, but like wearing a Kevlar vest to protect the vitals, securing just the headquarters is not enough. And even scarier? Until now, there was no cost-effective way of consistently monitoring the security of […]

NPR Blog Series Part 2: A Week in the Life

Note: Per our agreement with NPR, Pwnie Express is not disclosing any data collected during the research experiment with Steve Henn, but focusing it’s comments on providing education on the techniques used. In my last post I described how I configured a Pwn Plug R2 to stream Steve Henn’s laptop and iPhone traffic from his home office to […]

NPR Blog Series: Part 1 – The Drop Box

Note: Per our agreement with NPR, Pwnie Express is not disclosing any data collected during the research experiment with Steve Henn, but focusing it’s comments on providing education on the techniques used.As part of a collaboration between NPR, Ars Technica, and Pwnie Express, I spent the last few months on what can only be described as […]