
1723 matches found

Rapid7 Blog
added 2023/02/01 6:33 p.m., 11 views

XDR, the Beatles, and Blunt Instruments

Sometimes tools are blunt because there’s nothing else. Regarding economic controls for example, Fed Chair Jerome Powell said: “We have essentially interest rates, the balance sheet and forward guidance. They are famously blunt tools, they are not capable of surgical precision.” Others are blunt...

7 AI score
Exploits: 0
Rapid7 Blog
added 2023/02/01 3:57 p.m., 85 views

CVE-2023-22374: F5 BIG-IP Format String Vulnerability

While following up our previous work on F5's BIG-IP devices, Rapid7 found an additional vulnerability in the appliance-mode REST interface; the vulnerability was assigned CVE-2023-22374. We reported it to F5 on December 6, 2022, and are now disclosing it in accordance with our vulnerability...

0.3 AI score, 0.87987 EPSS
Exploits: 9
Rapid7 Blog
added 2023/01/31 9:1 p.m., 15 views

A Customer Success Manager’s Journey to Cybersecurity

Originally planning to pursue a career in sports journalism, Blake Walters joined Rapid7 ready to roll up his sleeves and learn about an entirely new field—cybersecurity. Walters always had an interest in computer engineering. However, he craved the ability to connect with people and build...

0.5 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/31 8:23 p.m., 39 views

Rapid7 Observes Use of Microsoft OneNote to Spread Redline Infostealer Malware

Author: Thomas Elkins. Contributors: Matt Green, James Dunne, and Hernan Diaz. Rapid7 routinely conducts research into the wide range of techniques that threat actors use to conduct malicious activity. One objective of this research is to discover new techniques being used in the wild, so we can...

Exploits: 0
Rapid7 Blog
added 2023/01/31 5:5 p.m., 15 views

Year in Review: Rapid7 Threat Intelligence

In an evolving threat landscape, non-stop alerts and more IOC feeds don’t guarantee better protection. Security teams are overwhelmed and struggle to identify relevant threat information. Thankfully, Threat Command delivers highly contextual alerts and integration across your environment to help...

0.2 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/30 2:0 p.m., 77 views

Metasploit Framework 6.3 Released

The Metasploit team is pleased to announce the release of Metasploit Framework 6.3, which adds native support for Kerberos authentication, incorporates new modules to conduct a wide range of Active Directory attacks, and simplifies complex workflows to support faster and more intuitive security...

9 CVSS, 1.6 AI score, 0.83277 EPSS
Exploits: 8
Rapid7 Blog
added 2023/01/27 9:17 p.m., 73 views

Metasploit Weekly Wrap-Up

Cacti Unauthenticated Command Injection: Thanks to community contributor Erik Wynter, Metasploit Framework now has an exploit module for an unauthenticated command injection vulnerability in the Cacti network-monitoring software. The vulnerability is due to a proc_open call that accepts unsanitized...

10 AI score, 0.99826 EPSS
Exploits: 48
Rapid7 Blog
added 2023/01/26 7:0 p.m., 31 views

The High Cost of Human Error In OT Systems

In baseball, a mistake made by a player that could have easily been avoided is sometimes called an “unforced error.” An unforced error is not an official error (that is, they are not reflected in statistics), however, they can result in additional runs being scored, runners getting on base, and eve...

7.6 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/25 4:15 p.m., 12 views

3 Ways to Apply a Risk-Based Approach to Threat Detection, Investigation, and Response: Gartner® Report

In an ongoing effort to help security organizations gain greater visibility into risk, we’re pleased to offer this complimentary Gartner® report, 3 Ways to Apply a Risk-Based Approach to Threat Detection, Investigation, and Response. This insightful research can help a security organization reali...

7.5 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/24 3:0 p.m., 24 views

Rapid7 Added to Carahsoft GSA Schedule Contract

We are happy to announce that Rapid7 has been added to Carahsoft’s GSA Schedule contract, making our suite of comprehensive security solutions widely available to Federal, State, and Local agencies through Carahsoft and its reseller partners. “With the ever-evolving threat landscape, it is...

0.3 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/24 3:0 p.m., 27 views

Rapid7 Now Available Through Carahsoft’s NASPO ValuePoint

We are happy to announce that Rapid7’s solutions have been added to the NASPO ValuePoint Cloud Solutions contract held by Carahsoft Technology Corp. The addition of this contract enables Carahsoft and its reseller partners to provide Rapid7’s Insight platform to participating States, Local...

7.3 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/20 7:46 p.m., 84 views

Metasploit Weekly Wrap-Up

See something say something Have an idea on how to expand on Metasploit Documentation on ? Did you see a typo or some other error on the docs site? Thanks to adfoster-r7, submitting an update to the documentation is as easy as clicking the 'Edit this page on GitHub' link on the page you want to...

7.5 CVSS, 0.6 AI score, 0.99105 EPSS
Exploits: 21
Rapid7 Blog
added 2023/01/19 7:4 p.m., 49 views

Exploitation of Control Web Panel CVE-2022-44877

On January 3, 2023, security researcher Numan Türle published a proof-of-concept exploit for CVE-2022-44877, an unauthenticated remote code execution vulnerability in Control Web Panel (CWP, formerly known as CentOS Web Panel) that had been fixed in an October 2022 release of CWP. The vulnerability...

2.8 AI score, 0.99995 EPSS
Exploits: 12
Rapid7 Blog
added 2023/01/19 5:46 p.m., 57 views

CVE-2022-47966: Rapid7 Observed Exploitation of Critical ManageEngine Vulnerability

Emergent threats evolve quickly, and as we learn more about this vulnerability, this blog post will evolve, too. Rapid7 is responding to various compromises arising from the exploitation of CVE-2022-47966, a pre-authentication remote code execution (RCE) vulnerability impacting at least 24 on-premi...

0.99753 EPSS
Exploits: 15
Rapid7 Blog
added 2023/01/19 3:10 p.m., 18 views

Trading Convenience for Credentials

Tap. Eat. Repeat. Regret? Using food or grocery delivery apps is great. It really is. Sure, there’s a fee, but when you can’t bring yourself to leave the house, it’s a nice treat to get what you want delivered. As a result, adoption of food apps has been incredibly fast and they are now a...

0.9 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/17 6:58 p.m., 39 views

What’s New in InsightIDR: Q4 2022 in Review

As we continue to empower security teams with the freedom to focus on what matters most, Q4 focused on investments and releases that contributed to that vision. With InsightIDR, Rapid7’s cloud-native SIEM and XDR solution, teams have the scale, comprehensive contextual coverage, and expertly vett...

7.2 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/17 3:16 p.m., 20 views

Gartner® Report: Questions to Ask When Selecting an MDR Provider

Measuring against the right criteria: The “right” criteria is whatever works to further your security organization’s specific needs in detection and response (D&R). There’s only so much budget to go around—and successfully obtaining a significant year-over-year increase can be rare. The last thing...

1 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/13 5:50 p.m., 20 views

Metasploit Weekly Wrap-Up

New module content (2): Gather Dbeaver Passwords. Author: Kali-Team. Type: Post. Pull request: 17337 contributed by cn-kali-team. Description: This adds a post exploit module that retrieves Dbeaver session data from local configuration files. It is able to extract and decrypt credentials stored in these...

0.3 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/13 4:26 p.m., 14 views

Dated, Vulnerable, Insecure Tech Is All Over the News. Hooray.

Save the links. Pass them around. And consider getting your copy of the new 2023 XDR Buyer’s Guide—because if this isn’t a time for reckoning and progress, what is? The news: on Wednesday, the United States grounded all flights coast-to-coast for the first time since 9/11. The Federal Aviation...

6.9 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/12 2:20 p.m., 69 views

Recog Release v3.0.3

Recog Release v3.0.3, which is available now, includes updated fingerprints for Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus; Atlassian Bitbucket Server; and Supervisord Supervisor. It also includes new fingerprints and a number of bug fixes, all of which are detailed...

0.1 AI score, 0.9994 EPSS
Exploits: 29
Rapid7 Blog
added 2023/01/11 6:59 p.m., 28 views

Increasing The Sting of HIVE Ransomware

How malicious actors evade detection and disable defenses for more destructive HIVE Ransomware attacks. Rapid7 routinely conducts research into the wide range of techniques that threat actors use to conduct malicious activity. One objective of this research is to discover new techniques being use...

0.5 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/11 2:51 p.m., 11 views

Ditch The Duct Tape: Reduce Security Sprawl With XDR

The New Year’s Day edition of The Wall Street Journal asked a big question in a big headline: “Can Southwest Airlines Buy Back Its Customers’ Love?” While other airlines rebounded from extreme winter weather and service disruptions, Southwest—always top-rated, with a famously loyal following—melt...

6.7 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/10 10:32 p.m., 128 views

Patch Tuesday - January 2023

Microsoft is starting the new year with a bang! Today’s Patch Tuesday release addresses almost 100 CVEs. After a relatively mild holiday season, defenders and admins now have a wide range of exciting new vulnerabilities to consider. Two zero-day vulnerabilities emerged today, both affecting a wid...

0.8 AI score, 0.91597 EPSS
Exploits: 17
Rapid7 Blog
added 2023/01/09 5:0 p.m., 123 views

Year in Review: Rapid7 Vulnerability Management

2022 began on a solemn note — many organizations across the globe were recovering from the Log4Shell zero-day vulnerability. For the InsightVM and Nexpose team, 2022 began with a lot of introspection on how we can add more value and keep meeting our customer needs in the best possible ways. This...

9.3 CVSS, 0.4 AI score, 0.99999 EPSS
Exploits: 466
Rapid7 Blog
added 2023/01/06 9:32 p.m., 29 views

Metasploit Weekly Wrap-Up

Back from a quiet holiday season Thankfully, it was a relatively quiet holiday break for security this year, so we hope everyone had a relaxing time while they could. This wrapup covers the last three Metasploit releases, and contains three new modules, two updates, and five bug fixes. Make sure...

10 CVSS, 0.5 AI score, 0.97136 EPSS
Exploits: 21
Rapid7 Blog
added 2023/01/05 2:49 p.m., 42 views

Year in Review: Rapid7 Cybersecurity Research

Welcome to 2023, a year that sounds so futuristic it is hard to believe it is real. But real it is, and make no mistake, threat actors are still out there, working hard to get into networks the world over. So, at the start of the new year, I am reminded of two particular phrases: Those who do not...

7.2 AI score
Exploits: 0
Rapid7 Blog
added 2023/01/04 4:13 p.m., 21 views

Rapid7 Announces Global Days Off to Support Employees in 2023

On January 3rd, it was a little bit quieter than usual here at Rapid7. That's because our offices were closed for our first of five Global Days Off for 2023. Global Days Off are designed to encourage teams around the world to unplug and rest, enabling them to bring their best selves back to work...

7.2 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/30 3:0 p.m., 186 views

2022 Annual Metasploit Wrap-Up

It's been another gangbusters year for Metasploit, and the holidays are a time to give thanks to all the people that help make our load a little bit lighter. So, while this end-of-year wrap-up is a highlight reel of the headline features and extensions that landed in Metasploit-land in 2022, we...

9 CVSS, 0.2 AI score, 0.99677 EPSS
Exploits: 179
Rapid7 Blog
added 2022/12/29 2:0 p.m., 23 views

Understanding the Ecosystem of Smart Cities for the Purpose of Security Testing

Is there a defined ecosystem, similar to what we encountered with the Internet of Things (IoT), that can be charted out as it relates to smart city technology and its security implications? While evaluating IoT I struggled with defining what IoT is. I found that there were varying definitions out...

0.1 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/28 5:2 p.m., 28 views

Refreshing Rapid7's Coordinated Vulnerability Disclosure Policy

As 2023 comes hurtling towards us like some kind of maniacal arctic train full of disturbingly realistic AI-generated people, I wanted to take a moment on the blog here to announce that we here at Rapid7, Inc. have refreshed our coordinated vulnerability disclosure (CVD) policy and philosophy. If y...

7.3 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/27 6:42 p.m., 16 views

The 2022 Naughty and Nice List

It's the holiday season when children all over the world cross their fingers in the hope that they don't end up on a certain red-clad big man's naughty list. Turns out, we at Rapid7 have a similar tradition, only we're the ones making the list and there's a whole lotta naughty going on not like...

7 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/22 8:11 p.m., 12 views

Hallmark Channel: Securing the Season

How Crown Media protects its crown jewel It’s that time of year again…chestnuts roasting on an open-fire, kids making wish-lists, and company holiday parties where you can showcase your most outlandish ugly sweater. It’s also the time of year we all get a little bit less cynical and take in a...

0.6 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/22 3:32 p.m., 24 views

Cloud Security and Compliance Best Practices: Highlights From The CSA Cloud Controls Matrix

In a recent blog post, we highlighted the release of an InsightCloudSec compliance pack, that helps organizations establish and adhere to AWS Foundational Security Best Practices. While that’s a great pack for those who have standardized on AWS and are looking for a trusted set of controls to...

7.4 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/21 5:35 p.m., 81 views

CVE-2022-41080, CVE-2022-41082: Rapid7 Observed Exploitation of `OWASSRF` in Exchange for RCE

Emergent threats evolve quickly, and as we learn more about this vulnerability, this blog post will evolve, too. Beginning December 20, 2022, Rapid7 has responded to an increase in the number of Microsoft Exchange server compromises. Further investigation aligned these attacks to what CrowdStrike...

1.2 AI score, 0.99964 EPSS
Exploits: 11
Rapid7 Blog
added 2022/12/21 2:0 p.m., 19 views

Never Mind the Ears, Here's Security Nation

It's another year down and another season down for Security Nation. With the close of our fifth season, I wanted to take a minute here to reflect on who we spoke with and what we talked about. The show titles focus as you would expect on the individual interview subjects, but there's a bunch of...

7.5 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/20 2:5 p.m., 13 views

Cengage LTI Session Management Leakage

Prior to December 10, 2022, Cengage, an education technology provider in use in many higher education environments primarily in the United States, had two issues in the way it handled session management over its Learning Tools Integration (LTI) pipeline. The first issue involves leaving unexpectedl...

6.8 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/20 11:0 a.m., 22 views

ICYMI: 10 Cybersecurity Acronyms You Should Know in 2023

Cybersecurity is acronym-heavy to say the least. If you’re reading this, you already know. From CVE to FTP, we in IT love our abbreviations, FR FR. Truthfully though, it can be a bit much, and even the nerdiest among us miss a few. So, In Case You Missed It, here are 10 cybersecurity acronyms you...

0.1 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/19 5:22 p.m., 16 views

[The Lost Bots] S02E06: Play “Experts or Scuttlebutt?” With Us

As the year winds down, Jeffrey Gardner, Detection and Response Practice Advisor and Stephen Davis, Lead D&R Sales Technical Advisor, collected predictions th...

0.3 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/16 9:37 p.m., 65 views

Metasploit Weekly Wrap-Up

A sack full of cheer from the Hacking Elves of Metasploit It is clear that the Metasploit elves have been busy this season: Five new modules, six new enhancements, nine new bug fixes, and a partridge in a pear tree are headed out this week! Partridge nor pear tree included. In this sack of goodie...

4.6 CVSS, 9.3 AI score, 0.54237 EPSS
Exploits: 10
Rapid7 Blog
added 2022/12/15 2:0 p.m., 13 views

Spoiler Alert: Your Favorite Content Might Not Be Secure

Securing intellectual property in the age of consolidation Rapid7, of course, is not in the entertainment industry. However, we have worked with some clients out there in that golden land of dreams and enchantment—also known as Hollywood. Case in point: the company formerly known as Discovery, In...

6.8 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/14 2:0 p.m., 19 views

Cloud Audit: Compliance + Automation

Setting your own standard Today’s regulatory environment is incredibly fractured and extensive. Depending on the industry—and the part of the world your business and/or security organization resides in—you may be subject to several regulatory compliance standards. Adding to the complexity, there ...

0.2 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/13 11:19 p.m., 68 views

CVE-2022-27518: Critical Fix Released for Exploited Citrix ADC, Gateway Vulnerability

Emergent threats evolve quickly, and as we learn more about this vulnerability, this blog post will evolve, too. On Tuesday, December 13, 2022, Citrix published Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27518 announcing fixes for a critical unauthenticated remote code execution...

1.1 AI score, 0.06931 EPSS
Exploits: 1
Rapid7 Blog
added 2022/12/13 9:24 p.m., 103 views

Patch Tuesday - December 2022

As far as Patch Tuesdays go, defenders have a relatively light month to close out the year with only 48 CVEs being published by Microsoft today. This does not include the 24 previously disclosed vulnerabilities affecting their Chromium-based Edge browser. There are two zero-days in the mix today...

0.9 AI score, 0.82081 EPSS
Exploits: 7
Rapid7 Blog
added 2022/12/13 11:0 a.m., 15 views

Tis the Season to Be Wary: Three Holiday Shopping Scams To Watch For

Chestnuts roasting on an open fire, scammers nipping at your bank account… that might not be the carol you were expecting, but unfortunately it’s the frosty truth. Most everyone has tons of shopping to do in preparation for holidays, whether they’re buying gifts, decorations, or tickets to visit...

6.6 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/12 6:48 p.m., 111 views

CVE-2022-42475: Critical Unauthenticated Remote Code Execution Vulnerability in FortiOS; Exploitation Reported

Emergent threats evolve quickly, and as we learn more about this vulnerability, this blog post will evolve, too. On December 12, 2022, FortiGuard Labs published advisory FG-IR-22-398 regarding a critical (CVSSv3 9.3) “heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN which may all...

1.4 AI score, 0.99474 EPSS
Exploits: 11
Rapid7 Blog
added 2022/12/12 3:0 p.m., 13 views

Rapid7 Recognized as a Top Place to Work for 11th Consecutive Year

On November 30th, 2022, Rapid7 was again recognized by The Boston Globe as a Top Place to Work in Massachusetts. This marks the 11th consecutive year Rapid7 has made the list, this time coming in at 3 in the large company category. Top Places to Work rankings are based on a Globe survey that...

1.1 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/09 8:36 p.m., 131 views

Metasploit Wrap-Up

Login brute-force utility Jan Rude added a new module that gives users the ability to brute-force login for Linux Syncovery. This expands Framework's capability to scan logins to Syncovery, a popular web GUI for backups. WordPress extension SQL injection module Cydave, destr4ct, and jheysel-r7...

7.5 CVSS, 0.2 AI score, 0.37171 EPSS
Exploits: 16
Rapid7 Blog
added 2022/12/09 3:0 p.m., 27 views

AWS Graviton Processor Support on Insight Agent

By Marco Botros. Marco is a Technical Product Manager for Platform at Rapid7. We are pleased to announce that the Insight Agent now supports the AWS Graviton processor. The Insight Agent supports various operating systems using the AWS Graviton processor, including Amazon Linux, Redhat, and Ubuntu...

1.3 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/08 3:30 p.m., 15 views

2023 Cybersecurity Industry Predictions

With 2022 rapidly coming to a close, this is the time of year where it makes sense to take a step back and look at the year in cybersecurity, and make a few critical predictions for what the industry could face in the year ahead. In order to give the security community some insight into where we’...

7 AI score
Exploits: 0
Rapid7 Blog
added 2022/12/07 7:14 p.m., 17 views

About Anomalous Data Transfer detection in InsightIDR

By Shivangi Pandey. Shivangi is a Senior Product Manager for D&R at Rapid7. Data exfiltration is an unauthorized movement or transfer of data occurring on an organization’s network. This can occur when a malicious actor gains access to a corporation’s network with the intention of stealing or...

Exploits: 0
Total number of security vulnerabilities: 1723