
1723 matches found

Rapid7 Blog
added 2021/05/03 8:28 p.m., 44 views

Securing Kubernetes Deployments From Runway to Takeoff

Kubernetes use is rising rapidly—according to a 2019 Cloud Native Computing Foundation (CNCF) survey, 78% of respondents say they use Kubernetes today (58% more respondents than the previous year). With numbers like those, it looks like everyone is headed toward the cloud. But as with any journey, yo...

Exploits: 0
Rapid7 Blog
added 2021/05/03 4:22 p.m., 68 views

Grow, Develop, and Impact More Than Just Your Career: Software Engineering at Rapid7 Belfast

Growth and learning – in any career at any level – are imperative for job satisfaction and company commitment. While it is necessary to have inherent curiosity as well as a desire to grow and achieve, it is also important to work for an organization that encourages and enables this curiosity and...

AI score: 7
Exploits: 0
Rapid7 Blog
added 2021/04/30 5:42 p.m., 105 views

Metasploit Wrap-Up

Operations shell: Operations and management software make popular targets due to their users typically having elevated privileges across a network. Our own wvu contributed the VMware vRealize Operations (vROps) Manager SSRF RCE exploit module for the vulnerabilities discovered by security researcher...

CVSS: 9, AI score: 1.3, EPSS: 0.99217
Exploits: 24
Rapid7 Blog
added 2021/04/30 2:0 p.m., 235 views

Rapid7's 2021 ICER Takeaways: Web Security Among the Fortune 500

This blog post covers key takeaways from our 2021 Industry Cyber-Exposure Report (ICER): Fortune 500. The vast majority of the interactions an average person has with technology is through some form of a web application, but what constitutes a “web app” can be considered quite nebulous, and the...

AI score: 7.1
Exploits: 0
Rapid7 Blog
added 2021/04/29 5:28 p.m., 35 views

DevSecOps and the New Scope of Application Development

Hand in hand: Application development and application security. As expectations of developers change, so too do those of security teams. It’s more of a collective effort than ever as business dependence on applications continues to grow. Security must shift further left into the software developme...

AI score: 7.5
Exploits: 0
Rapid7 Blog
added 2021/04/28 8:0 p.m., 44 views

[Security Nation] Marina Ciavatta and int eighty Put the Fun into Hacking With Hacking Esports and Dual Core Music

In this episode of Security Nation, we are joined by Marina Ciavatta and int eighty to talk about Hacking...

AI score: 0.7
Exploits: 0
Rapid7 Blog
added 2021/04/27 5:36 p.m., 179 views

What's New in DivvyCloud by Rapid7: April 2021

Keeping you on scheduler: The latest release of DivvyCloud 21.3 encompasses many of the standard changes that we included in each major release, from bug fixes to support for new cloud resources to new filters and other enhancements. As always, all the details are available in the release notes...

AI score: 1.4
Exploits: 0
Rapid7 Blog
added 2021/04/26 6:47 p.m., 60 views

Rapid7's 2021 ICER Takeaways: Email Security Among the Fortune 500

This blog post covers key takeaways from our 2021 Industry Cyber-Exposure Report (ICER): Fortune 500. Original analysis for these findings was conducted by Kwan Lin. We all know and love—or at least begrudgingly rely upon—email. It is a pillar of modern communications, but is unfortunately also...

Exploits: 0
Rapid7 Blog
added 2021/04/26 3:13 p.m., 57 views

What’s New in InsightVM: Q1 2021 in Review

Are you ready to return to the office? At many companies around the world, plans are being put into place for a phased workforce return to physical offices. With big moves come big changes, which inevitably reveal new vulnerabilities. For many across the security landscape, it’s as if hundreds of...

AI score: 7.2
Exploits: 0
Rapid7 Blog
added 2021/04/23 5:57 p.m., 77 views

Metasploit Wrap-Up

Nagios modules: Community member Erik Wynter has contributed two more Nagios XI modules this week, on top of the previous week’s contributions! If you’ve noticed Nagios XI 5.6.0 to 5.7.5 running within your target’s infrastructure during a pen test, be sure to check both these new modules out as...

CVSS: 9, AI score: 0.1, EPSS: 0.93201
Exploits: 20
Rapid7 Blog
added 2021/04/22 5:51 p.m., 240 views

MDR Vendor Must-Haves, Part 8: Rapid7 Incident Response (Breach) Support

This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” This is possibly the most overlooked aspect of selecting an MDR partner. But when you get to a hair-on-fire,...

AI score: 7.4
Exploits: 0
Rapid7 Blog
added 2021/04/21 8:10 p.m., 882 views

Active Exploitation of Pulse Connect Secure Zero-Day (CVE-2021-22893)

On Tuesday, April 20, 2021, security firm FireEye published detailed analysis of multiple threat campaigns targeting Ivanti’s Pulse Connect Secure VPN. According to FireEye’s analysis, threat actors have been leveraging multiple techniques to bypass single- and multi-factor authentication on Puls...

CVSS: 7.5, AI score: 0.7, EPSS: 0.99999
Exploits: 43
Rapid7 Blog
added 2021/04/21 1:19 p.m., 49 views

The Future is Friction-Free: Drive Innovation With DevOps + Security

Going from a centralized security group that dictates a “command and control” approach to cloud security toward a model of “trust but verify,” is at the core of the modern shift toward security-practice democratization. Organizational practices behind legacy, centralized data centers are being...

AI score: 7.2
Exploits: 0
Rapid7 Blog
added 2021/04/21 1:1 p.m., 49 views

Rapid7 and Velociraptor Join Forces

Exciting news! Rapid7 has acquired a digital forensics and incident response (DFIR) framework. Velociraptor is an open-source project that allows for hunting across thousands of hosts to provide actionable data in minutes and unprecedented visibility into the state of endpoints. A cyberattack can...

AI score: 0.1
Exploits: 0
Rapid7 Blog
added 2021/04/20 8:4 p.m., 47 views

Overview of the EU’s draft NIS 2 Directive

Anticipating stronger security requirements for critical EU sectors. A pdf copy of this brief is available here. The EU Commission recently proposed a revision to its Directive on Security of Network and Information Systems (NIS). The existing NIS Directive (“NIS 1”) requires EU Member States to enact...

AI score: 0.5
Exploits: 0
Rapid7 Blog
added 2021/04/20 3:36 p.m., 25 views

How to Turbocharge Your Phishing Response Plan

A quick reaction to a phishing threat can mean the difference between a massive breach or a fast fix. This reaction typically requires strong coordination across non-tech employees and their teammates over in security who can help them verify and conquer phishing campaigns. In any organization wi...

Exploits: 0
Rapid7 Blog
added 2021/04/19 1:56 p.m., 69 views

Rapid7 Announces Kubernetes Integration General Availability in InsightVM

Rapid7 is excited to announce the general availability of our Kubernetes integration in InsightVM, our vulnerability management tool. This represents a step forward in Rapid7’s ability to provide vulnerability and remediation management capabilities for container environments. Kubernetes is the mo...

AI score: 0.9
Exploits: 0
Rapid7 Blog
added 2021/04/16 6:9 p.m., 372 views

Metasploit Wrap-Up

Google Chrome exploits return Community member r4j0x00 contributed a new module for CVE-2020-16040, an integer overflow in the SimplifiedLowering phase of TurboFan in Google Chrome = 87.0.4280.66 that grants attackers RCE. Whilst the exploit in and of itself does not grant RCE by default, unless...

CVSS: 9, AI score: 0.8, EPSS: 0.99595
Exploits: 23
Rapid7 Blog
added 2021/04/16 5:12 p.m., 75 views

Codecov Discloses Supply Chain Compromise

The following blog was co-authored by Curt Barnard and Caitlin Condon. On April 15, 2021, code coverage and testing company Codecov announced a supply chain compromise in which a malicious party gained access to their Bash Uploader script and modified it without authorization, enabling the...

AI score: 0.8
Exploits: 0
Rapid7 Blog
added 2021/04/16 4:56 p.m., 199 views

MDR Vendor Must-Haves, Part 7: Managed Response Actions

This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” Security teams face unprecedented challenges as the threat landscape expands in scope and complexity. More...

AI score: 7.3
Exploits: 0
Rapid7 Blog
added 2021/04/16 2:41 p.m., 63 views

Rapid7 Releases New Industry Cyber-Exposure Report (ICER): FTSE 350

Today, we are excited to release the second report in our Industry Cyber-Exposure Report (ICER) series, which digs into cyber-exposure among organizations in the U.K.’s FTSE 350. This series focuses on five key areas we believe CISOs at mega-corporations actually have a shot at accomplishing, and...

AI score: 7.2
Exploits: 0
Rapid7 Blog
added 2021/04/16 1:46 p.m., 39 views

Rapid7 Announces General Availability for Scoped Executive Summary Report in InsightVM

Security teams often struggle to demonstrate the efficacy and progress of their organization’s vulnerability and remediation management program. This is a result of the complexity around identifying, collecting, and visualizing complicated metrics. InsightVM’s Executive Summary Report has proved ...

AI score: 0.3
Exploits: 0
Rapid7 Blog
added 2021/04/14 3:9 p.m., 76 views

How Philip Reiner Created the Ransomware Task Force

In our latest episode of Security Nation, we talk to Philip Reiner about his work with the Ransomware Task Force. Stick around for our Rapid Rundown, where Tod talks about a recently released bulletin from CISA about APT exploiting both new and old SAP vulnerabilities. Want More Inspiring Stories...

AI score: 6.4
Exploits: 0
Rapid7 Blog
added 2021/04/13 5:37 p.m., 135 views

Patch Tuesday - April 2021

Patch Tuesday is here again and there are more Exchange updates to apply! A total of 114 vulnerabilities were fixed this month with more than half of them affecting all versions of Windows, with about half of them being remote code execution bugs, and about a fifth of them being rated as critical...

CVSS: 10, AI score: 1.5, EPSS: 0.83337
Exploits: 12
Rapid7 Blog
added 2021/04/13 3:26 p.m., 41 views

CVE-2021-26908 and CVE-2021-26909: Automox Agent Information Disclosure (FIXED)

Rapid7 researcher Danny Jordan discovered two vulnerabilities in the Automox Agent for Windows and macOS, which could result in information disclosure issues involving the Automox infrastructure. CVE-2021-26908 describes a vulnerability where Automox Agent improperly logs sensitive information on...

AI score: 0.6, EPSS: 0.00726
Exploits: 0
Rapid7 Blog
added 2021/04/12 1:38 p.m., 51 views

MDR Must-Haves, Part 6: Threat Validation and Detailed Reporting

This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” Engaging a managed security service provider—either a traditional MSSP or MDR provider—should never involve...

AI score: 7.2
Exploits: 0
Rapid7 Blog
added 2021/04/09 7:17 p.m., 128 views

Metasploit Wrap-Up

Spilling the Gitea: We have two modules coming in from cdelafuente-r7 targeting CVE-2020-14144 for both the Gitea and Gogs self-hosted Git services. Both modules are similar: they take advantage of a user’s ability to create Git hooks by authenticating with the web interface, creating a dummy...

CVSS: 10, AI score: 0.3, EPSS: 0.98376
Exploits: 29
Rapid7 Blog
added 2021/04/09 2:20 p.m., 252 views

MDR Vendor Must-Haves, Part 5: Multiple Threat Detection Methodologies, Including Deep Attacker Behavior Analysis

This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) service providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” Let’s start with an analogy: Say you’re a fisherman out on a mission to specifically catch tuna. You thr...

AI score: 6.7
Exploits: 0
Rapid7 Blog
added 2021/04/09 2:19 p.m., 62 views

What’s New in InsightIDR: Q1 2021 in Review

Back at the start of the year, we reflected on some of our 2020 InsightIDR product investments and took a look at what was ahead in 2021 (see the blog here). As the first quarter of the year comes to a close, we wanted to offer a closer look at some of the recent updates and releases in InsightIDR,...

AI score: 7
Exploits: 0
Rapid7 Blog
added 2021/04/08 5:18 p.m., 1115 views

Attackers Targeting Fortinet Devices and SAP Applications

The following blog was co-authored by Caitlin Condon and Bob Rudis, also known in his own words as “some caveman from Maine.” Last week, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI published a joint alert to warn users that APT threat actors were likely exploiting...

CVSS: 10, AI score: 0.1, EPSS: 0.99999
Exploits: 46
Rapid7 Blog
added 2021/04/08 1:27 p.m., 61 views

Kubernetes Namespaces Are Not as Secure as You Think

In a previous article, we described how the usage of namespaces in Kubernetes significantly simplifies the management of a Kubernetes cluster. However, managing multiple microservices on the same cluster comes with a security cost when not planned correctly. A common misconception around namespac...

AI score: 6.7
Exploits: 0
Rapid7 Blog
added 2021/04/08 1:2 p.m., 263 views

Looking Back and Moving Forward With Rapid7’s Cloud Security Solution

This blog post was co-authored by Jamie Gale and Charles Stokes. Done with Q1: The DivvyCloud by Rapid7 team has had a busy and productive start to 2021, and we anticipate that the rest of this year will be equally exciting for our valued customers. In the first three months alone, we incorporated...

AI score: 6.8
Exploits: 0
Rapid7 Blog
added 2021/04/07 9:23 p.m., 42 views

Security Isn’t a Four-Letter Word: How Infrastructure as Code (IaC) Amplifies DevOps Through the Inclusion of Security

Our fast-paced lives are fueled by innovative, cloud-native companies. We are able to watch our favorite programs and movies from anywhere in the world on any device. We are able to collaborate with our colleagues on an upcoming presentation, regardless of whether we’re in the office or at home...

AI score: 7.5
Exploits: 0
Rapid7 Blog
added 2021/04/07 9:23 p.m., 230 views

A Quick Look Into Cloud Infrastructure Entitlement Management (CIEM)

The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business needs. But figuring out the right tool—let alone the right type of tool—can be difficult. Gartner has five security archetypes that fall under the broader cloud security...

AI score: 0.1
Exploits: 0
Rapid7 Blog
added 2021/04/07 9:22 p.m., 223 views

A Quick Look Into Cloud Workload Protection Platforms (CWPPs)

The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business needs. But figuring out the right tool—let alone the right type of tool—can be difficult. Gartner has five security archetypes that fall under the broader cloud security...

Exploits: 0
Rapid7 Blog
added 2021/04/07 3:4 p.m., 28 views

MDR Vendor Must-Haves, Part 4: Ingestion of Authentication Data Across Local, Domain, and Cloud Sources

This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” There isn’t a single threat or breach that doesn’t involve attackers using legitimate credentials to cause harm...

AI score: 0.7
Exploits: 0
Rapid7 Blog
added 2021/04/06 12:57 p.m., 43 views

Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Fortune 500

Today, Rapid7 just released the first in our all-new Industry Cyber-Exposure Report (ICER) series. For those of you who have been following our research over the past few years, you may immediately suspect us of unloading another 100+ page tome of internet-based findings around the internet—but not...

AI score: 7.3
Exploits: 0
Rapid7 Blog
added 2021/04/05 2:15 p.m., 169 views

A Quick Look Into Cloud Security Posture Management (CSPM)

The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business needs. But figuring out the right tool—let alone the right type of tool—can be difficult. Gartner has five security archetypes that fall under the broader cloud security...

AI score: 7.2
Exploits: 0
Rapid7 Blog
added 2021/04/05 2:8 p.m., 105 views

InsightIDR’s Log Search: Recent Enhancements and Upcoming Investments

Log data is critical to ensuring that you have full visibility into what’s going on across your environment. Alongside endpoint and network data, log data enables teams to detect malicious activity, prove compliance, and have better visibility across their environment. Within InsightIDR, our Log...

AI score: 6.8
Exploits: 0
Rapid7 Blog
added 2021/04/05 2:0 p.m., 42 views

What’s New in InsightAppSec and tCell: Q1 2021 in Review

2021 is off and running! The big question on the corporate world’s mind is, of course, “What will work life look like at the end of 2021?” With vaccines rolling out around the world, another shift is set to take place around when and where people put in their hours. As offices slowly start to...

AI score: 7.1
Exploits: 0
Rapid7 Blog
added 2021/04/02 7:49 p.m., 121 views

Metasploit Wrap-Up

Sprinkle on the Modules: The first quarter of 2021 has given us wave after wave of Exchange vulnerabilities, and while our awesome contributors helped us continue coverage with another Exchange module we were able to add to Metasploit, we also added modules covering very heavy-hitting...

CVSS: 10, AI score: 0.9, EPSS: 0.99898
Exploits: 39
Rapid7 Blog
added 2021/04/01 12:58 a.m., 12 views

[Security Nation] Beau Woods and Fotios Chantzis Discuss Their New Book, "Practical IoT Hacking"

In our latest episode of Security Nation, we speak with Beau Woods and Fotios Chantzis about their newly released book, "Practical IoT Hacking." Stick...

AI score: 0.5
Exploits: 0
Rapid7 Blog
added 2021/03/30 2:18 p.m., 39 views

MDR Vendor Must-Haves, Part 3: Ingestion of Other Technology Investments

This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” By the time you’re ready to invest in a Managed Detection and Response (MDR) service, you’ve likely already invest...

AI score: 7.3
Exploits: 0
Rapid7 Blog
added 2021/03/29 1:17 p.m., 98 views

SolarWinds Patches Four New Vulnerabilities in Their Orion Platform

On Thursday, March 25, 2021, SolarWinds released fixes for four new vulnerabilities in their Orion platform, the most severe of which is an authenticated remote code execution flaw due to a JSON deserialization weakness. Fixes for these weaknesses are in Orion Platform 2020.2.5. Given the...

CVSS: 4.9, AI score: 6.7, EPSS: 0.0076
Exploits: 0
Rapid7 Blog
added 2021/03/29 1:2 p.m., 30 views

MDR Vendor Must-Haves, Part 2: Ingestion of Network Device Data

This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” There are many factors to consider when assessing which Managed Detection and Response (MDR) vendor is the right f...

AI score: 0.4
Exploits: 0
Rapid7 Blog
added 2021/03/26 5:36 p.m., 589 views

Metasploit Wrap-Up

ProxyLogon: More Microsoft news this week! Firstly, a big thank you to community contributors GreyOrder, Orange Tsai, and mekhalleh (RAMELLA Sébastien), who added three new modules that allow an attacker to bypass authentication and impersonate an administrative user (CVE-2021-26855) on vulnerable...

CVSS: 7.5, AI score: 10, EPSS: 0.99999
Exploits: 105
Rapid7 Blog
added 2021/03/26 2:57 p.m., 38 views

DivvyCloud Adds Support for IAM Analyzer Policy Recommendations

Last week, Amazon Web Services (AWS) announced an improvement to its IAM Access Analyzer that allows its users to proactively analyze and validate Identity & Access Management (IAM) policies against more than 100 checks and receive actionable recommendations on improving its security and efficacy. By...

AI score: 1.1
Exploits: 0
Rapid7 Blog
added 2021/03/25 1:2 p.m., 212 views

Attack vs. Data: What You Need to Know About Threat Hunting

Mitigate threats by going on the offensive: While the definition of threat hunting may be straightforward—proactively hunting for threats—the reality of implementing a threat-hunting program is a bit more complicated, as there are different threat-hunting methodologies to choose from. In order to...

AI score: 0.2
Exploits: 0
Rapid7 Blog
added 2021/03/24 2:0 p.m., 35 views

Rapid7 Recognized as a Strong Performer in the Inaugural Forrester Wave™ for MDR, Q1 2021

Independent research firm cites Rapid7 MDR’s “security professionals with extensive incident response and threat hunting experience” delivering a “white-glove, behavioral detection-inspired” service. Detection and response is a critical component to any security program, but standing up an...

AI score: 7.1
Exploits: 0
Rapid7 Blog
added 2021/03/23 2:14 p.m., 44 views

MDR Vendor Must-Haves, Part 1: Deep Observation of Real-Time Endpoint Data

This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” Assessing Managed Detection and Response (MDR) vendors is no easy task. However, evaluating each based on...

AI score: 0.4
Exploits: 0

Total number of security vulnerabilities: 1723