
1723 matches found

Rapid7 Blog
added 2021/01/20 2:30 p.m., 28 views

You Can Now Buy (And Renew) Five More Rapid7 Products Through AWS Marketplace

Purchasing software through AWS Marketplace has to be one of the most under-appreciated perks of being an Amazon Web Services (AWS) customer. For starters, products you purchase through Marketplace automatically show up on your next AWS bill, which can really simplify your procurement process. In...

AI score: 6.9
Exploits: 0

Rapid7 Blog
added 2021/01/19 7:28 p.m., 37 views

InsightIDR: 2020 Highlights and What’s Ahead in 2021

As we kick off 2021 here at Rapid7, we wanted to take a minute to reflect on 2020, highlight some key InsightIDR product investments we don’t want you to miss, and take a look ahead at where our team sees detection and response going this year. Rapid7 detection and response 2020 highlights Whenev...

AI score: 7.6
Exploits: 0

Rapid7 Blog
added 2021/01/15 8:0 p.m., 264 views

Metasploit Wrap-Up

Commemorating the 2020 December Metasploit community CTF A new commemorative banner has been added to the Metasploit console to celebrate the teams that participated in the 2020 December Metasploit community CTF and achieved 100 or more points: If you missed out on participating in this most rece...

CVSS: 7.2, AI score: 0.5, EPSS: 0.13958
Exploits: 4

Rapid7 Blog
added 2021/01/15 2:26 p.m., 42 views

NICER Protocol Deep Dive: Internet Exposure of DNS-over-TLS

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

AI score: 6.9
Exploits: 0

Rapid7 Blog
added 2021/01/12 11:59 p.m., 224 views

Patch Tuesday - January 2021

We arrive at the first Patch Tuesday of 2021 (2021-Jan) with 83 vulnerabilities across our standard spread of products. Windows Operating System vulnerabilities dominated this month's advisories, followed by Microsoft Office (which includes the SharePoint family of products), and lastly some from les...

CVSS: 9.3, AI score: 1.1, EPSS: 0.39653
Exploits: 5

Rapid7 Blog
added 2021/01/12 7:35 p.m., 156 views

Update on SolarWinds Supply-Chain Attack: SUNSPOT and New Malware Family Associations

This update is a continuation of our previous coverage of the SolarWinds supply-chain attack that was discovered by FireEye in December 2020. As of Jan. 11, 2021, new research has been published that expands the security community’s understanding of the breadth and depth of the SolarWinds attack...

AI score: 0.2
Exploits: 0

Rapid7 Blog
added 2021/01/08 7:54 p.m., 420 views

Metasploit Wrap-Up

Struts2 Multi Eval OGNL RCE Our very own zeroSteiner added exploit/multi/http/struts2_multi_eval_ognl, which exploits Struts2 evaluating OGNL expressions in HTML attributes multiple times (CVE-2019-0230 and CVE-2020-17530). The CVE-2019-0230 OGNL chain for remote code execution requires a one-time cha...

CVSS: 10, AI score: 9.4, EPSS: 0.97822
Exploits: 46

Rapid7 Blog
added 2021/01/08 2:15 p.m., 28 views

What’s New in InsightAppSec and tCell: Q4 2020 in Review

It’s crazy to believe 2020 has come to an end, and we’re sure we’re not alone in our excitement for 2021! Without a doubt, 2020 has presented some challenges for us all in the security world, as many companies quickly adopted a work-from-home model and pivoted from an in-store experience quickly ...

AI score: 7.5
Exploits: 0

Rapid7 Blog
added 2021/01/07 3:53 p.m., 34 views

How COVID-19 Reinforced the Need for Mobile Device Management

How many of you got that call at the beginning of the pandemic to make your company’s workforce 100% capable for remote work? How many of you had no idea how to make that happen, seemingly and sometimes literally overnight? How many of you were already prepared for such an event? Remote workforce...

AI score: 0.1
Exploits: 0

Rapid7 Blog
added 2021/01/06 2:2 p.m., 50 views

What’s New in InsightVM: Q4 2020 in Review

Here at Rapid7, we’re pretty proud of the work that goes into keeping InsightVM a leader in the vulnerability risk management space. We’re constantly investing in and improving InsightVM capabilities so our customers have no trouble seeing and proving value. That said, here’s our roundup of the n...

AI score: 7.2
Exploits: 0

Rapid7 Blog
added 2021/01/05 2:43 p.m., 52 views

NICER Protocol Deep Dive: Internet Exposure of DNS

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

AI score: 0.2
Exploits: 0

Rapid7 Blog
added 2021/01/04 2:23 p.m., 38 views

Shifting Security Right: How Cloud-Based SecOps Can Speed Processes While Maintaining Integrity

When it comes to offloading security controls to the cloud, it may seem counterintuitive to the notion of “securing” things. But, when we consider the efficiency to be gained by shifting right with some security controls, it makes sense to send more granular, ground-up responsibilities to a trust...

AI score: 7
Exploits: 0

Rapid7 Blog
added 2021/01/02 5:2 p.m., 53 views

HaXmas Hardware Hacking

Usually, when you read an IoT hacking report or blog post, it ends with something along the lines of, "and that's how I got root," or "and there was a secret backdoor credential," or "and every device in the field uses the same S3 bucket with no authentication." You know, something bad, and the...

AI score: 0.2
Exploits: 0

Rapid7 Blog
added 2021/01/02 4:56 p.m., 32 views

Predicting the Unpredictable: What Will the Cybersecurity Space Look Like in 2021?

Not to start off another blog post about how insane this year has been, but let’s just take a moment to appreciate HOW INSANE THIS YEAR HAS BEEN. As I sat down to write this blog post, I took a look at last year’s predictions post and was amused to see how little we knew about what was coming. An...

AI score: 0.3
Exploits: 0

Rapid7 Blog
added 2020/12/30 3:38 p.m., 227 views

Metasploit 2020 Wrap-Up

2020 was certainly an interesting year. There were quite a few newsworthy events and some fantastic exploit content released. Let’s take a look at what 2020 meant for Metasploit. Quick stats Some quick statistics for Metasploit’s year. 737 pull requests merged and counting A net gain of +179...

CVSS: 7.5, AI score: 0.1, EPSS: 0.97116
Exploits: 65

Rapid7 Blog
added 2020/12/28 2:0 p.m., 228 views

Taking Inspiration from Our Security Nation in an Otherwise Uninspiring Year

Well, what a year it has been. I won’t waste your time by recapping the many, many difficulties that 2020 has offered us, and instead, I will try to take a slightly different tack. While it has been a challenging (for some, truly hellacious) year, as we close it out, I’ve been trying out a little...

AI score: 6.5
Exploits: 0

Rapid7 Blog
added 2020/12/25 2:0 p.m., 64 views

Rapid7 Labs’ 2020 Naughty List Summary Report to Santa

As requested, your dutiful elves here at Rapid7 Labs have compiled a list of the naughty country networks being used to launch cyberattacks across the globe. Needless to say, some source networks have been very naughty (dare we use the word “again,” since these all seem to be repeat offenders). To...

AI score: 7.4
Exploits: 0

Rapid7 Blog
added 2020/12/24 2:0 p.m., 328 views

Top Security Recommendations for 2021

Happy HaXmas! We hope everyone is having a wonderful holiday season so far. This year has been wild and unpredictable, and has brought unique risks and threats to the forefront of business activities. So, to help everyone stay safer in 2021, the Strategic Advisory Services team here at Rapid7 is...

AI score: 6.9
Exploits: 0

Rapid7 Blog
added 2020/12/23 2:2 p.m., 290 views

Metasploit Tips and Tricks for HaXmas 2020

For this year's HaXmas, we're giving the gift of Metasploit knowledge! We'll cover a mix of old, new, or recently improved features that you can incorporate into your workflows. Some of our readers may already know these tips and tricks for using Metasploit, but for the others who aren't aware of...

AI score: 7.4
Exploits: 0

Rapid7 Blog
added 2020/12/22 3:2 p.m., 205 views

UPnP With a Holiday Cheer

T'was the night before HaXmas, when all through the house, Not a creature was stirring, not even a mouse. The stockings were hung by the chimney with care, in hopes that St. Nicholas soon would be there. This may be the way you start your holiday cheer, but before you get started, let me make you...

AI score: 7.1
Exploits: 0

Rapid7 Blog
added 2020/12/22 2:46 p.m., 40 views

Set New InsightVM Goals and Share with Your Team for Increased Visibility and More Efficient Execution

Since 2018, thousands of enterprises have utilized InsightVM’s Goals and SLAs feature to build their organization-specific security goals. Through Goals and SLAs, security teams ensure that they’re making progress toward their goals and service-level agreements (SLAs) at an appropriate pace, and th...

Exploits: 0

Rapid7 Blog
added 2020/12/18 7:15 p.m., 199 views

Metasploit Wrap-Up

It's the week of December 17th and that can only mean one thing: a week until Christmas! For those of you who don't celebrate Christmas, a very happy Hanukkah/Chanukah, Kwanzaa, Diwali, Chinese New Year, Winter Solstice and Las Posadas to you all! This is our last weekly wrap-up this year, but as...

CVSS: 10, AI score: 9.3, EPSS: 0.80291
Exploits: 36

Rapid7 Blog
added 2020/12/18 2:50 p.m., 122 views

What’s New in InsightIDR: Q4 2020 in Review

Throughout the year, we’ve provided roundups of what’s new in InsightIDR, our cloud-based SIEM tool (see the H1 recap post, and our most recent Q3 2020 recap post). As we near the end of 2020, we wanted to offer a closer look at some of the recent updates and releases in InsightIDR from Q4 2020...

AI score: 7.2
Exploits: 0

Rapid7 Blog
added 2020/12/17 8:43 p.m., 32 views

Help Others Be "Cyber Aware" This Festive Season—And All Year Round!

Are you tired of being the cybersecurity help desk for everyone you know? Are you frustrated with spending all your time securing your corporate environment, only to have to deal with the threat that snuck in through naive end-users? Are you new to security and wondering how you ended up here? Th...

AI score: 7.7
Exploits: 0

Rapid7 Blog
added 2020/12/17 3:46 p.m., 33 views

How to Gain Visibility Into Audit Logs for Policy Customization in InsightVM

Since the launch of InsightVM’s Custom Policy Builder in June of this year, hundreds of organizations have created and customized secure configuration policies. While the standard CIS and DISA benchmarks are, by default, great for an organization to kickstart their policy and compliance program,...

AI score: 7.1
Exploits: 0

Rapid7 Blog
added 2020/12/16 2:56 p.m., 32 views

Happy HaXmas from the Rapid7 Team!

Happy HaXmas, everyone! This has been quite the year, but we’re thrilled that we’re able to keep up our favorite holiday tradition of our annual HaXmas blog series, which features holiday stories, hacking wins from the year, tips and tricks, and general festivity to keep you entertained during th...

AI score: 7.1
Exploits: 0

Rapid7 Blog
added 2020/12/15 2:57 p.m., 31 views

The Risky Business: Rapid7 Report Highlights Need for Improved Vulnerability Management Practices

Back in July, Rapid7 released its first-ever National / Industry / Cloud Exposure Report, otherwise known as “NICER.” This report had a big job: to assess not only the prevalence of known threats, but also to provide a geographic census of those threats. It tells the all-too-true story of...

AI score: 6.7
Exploits: 0

Rapid7 Blog
added 2020/12/14 6:23 p.m., 55 views

SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know

On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform, which is used by organizations to monitor and manage IT infrastructure. FireEye has given the campaign an identifier of UNC2452 and is further...

CVSS: 7.5, AI score: 9.8, EPSS: 0.9198
Exploits: 3

Rapid7 Blog
added 2020/12/11 5:9 p.m., 250 views

Metasploit Wrap-Up

In case you missed it, this past weekend the Metasploit team hosted the latest Metasploit CTF. We saw 1903 users register in this round and some excellent writeups have been published on what they found. If you participated but haven’t had a chance to fill out our feedback survey you can find it...

CVSS: 10, AI score: 0.7, EPSS: 0.86749
Exploits: 29

Rapid7 Blog
added 2020/12/11 2:0 p.m., 51 views

InsightVM Now Integrates With Snyk for Deep Visibility Into Container Vulnerabilities

We know many development teams these days are taking advantage of containerized software applications that may contain all of the necessary code, runtime, system tools, and libraries needed to run an application. Containers are easy to spin up and down, experiment with, and get things done quickl...

AI score: 0.5
Exploits: 0

Rapid7 Blog
added 2020/12/10 8:3 p.m., 40 views

NICER Protocol Deep Dive: Internet Exposure of etcd

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

AI score: 6.8
Exploits: 0

Rapid7 Blog
added 2020/12/09 7:0 p.m., 29 views

New All Apps and Asset Report Combines Power of InsightVM and InsightAppSec for Boosted Visibility

When speaking with customers, we continue to hear that they are looking for more visibility into their vulnerability risk management activities. This could include complete visibility into the various assets within their dynamic environments, or a deeper understanding of attacks that are occurrin...

AI score: 0.9
Exploits: 0

Rapid7 Blog
added 2020/12/08 9:36 p.m., 242 views

Patch Tuesday - December 2020

We close off our 2020 year of Patch Tuesdays with 58 vulnerabilities being addressed. While it's a higher count than our typical December months (high thirties), it's still a nice breath of fresh air given how the past year has been. We do, however, get to celebrate that none of the reported...

CVSS: 10, AI score: 0.3, EPSS: 0.8979
Exploits: 20

Rapid7 Blog
added 2020/12/08 1:26 p.m., 64 views

2020 Under the Hoodie Report Reveals Pen Testers’ Most-Loved Vulnerabilities

Penetration testing (“pentesting”) is the practice of simulating a criminal breach of a sensitive area in order to uncover and fix defensive failures. Rapid7’s recently released report, Under the Hoodie, draws from the experiences of our Rapid7 pen testing services teamers to highlight key...

AI score: 6.6
Exploits: 0

Rapid7 Blog
added 2020/12/07 10:5 p.m., 30 views

Congrats to the winners of the 2020 December Metasploit community CTF

Thank you all that participated in the 2020 December Metasploit community CTF! The four day CTF was well received by the community, with 874 teams and 1903 users registered! We’ve included the high-level stats and the competition winners below. If you played the CTF and want to let the Metasploit...

AI score: 7
Exploits: 0

Rapid7 Blog
added 2020/12/07 3:17 p.m., 72 views

NICER Protocol Deep Dive: Internet Exposure of memcached

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

CVSS: 5, AI score: 7.8, EPSS: 0.8864
Exploits: 3

Rapid7 Blog
added 2020/12/04 7:27 p.m., 166 views

Metasploit Wrap-Up

The Metasploit team is rolling to the end of the year featuring a week of modules, updates, and our annual CTF. I say rolling in part because here in the US, we’re coming off our week of Thanksgiving, which involves lots of pies, and we’re probably all a bit more spherical than normal! For those ...

CVSS: 7.5, AI score: 9.9, EPSS: 0.9927
Exploits: 45

Rapid7 Blog
added 2020/12/04 2:34 p.m., 137 views

How to Create an OS-Based Policy Scanning Workflow in InsightVM

When you first start setting up InsightVM, the No. 1 thing you should be focused on is building sites, running scans, and kicking off reports to start building your vulnerability management program. Once you start feeling comfortable with the vulnerability management flow, policy scanning should ...

AI score: 6.7
Exploits: 0

Rapid7 Blog
added 2020/12/04 1:58 p.m., 122 views

Rapid7’s InsightIDR Introduces Integration with Cybereason

Ransomware is the fastest-growing type of cybercrime, and according to Cybersecurity Ventures, global ransomware damage costs will reach $20 billion by 2021—that’s 57 times more than it was just five years ago. With the increase in remote work this year expanding the attack surface, the threat of...

AI score: 0.9
Exploits: 0

Rapid7 Blog
added 2020/12/02 5:23 p.m., 70 views

Threat and Vulnerability Management Best Practices

Today’s business world is increasingly driven by e-commerce and the cloud, which means it requires a proactive approach toward vulnerability management. After all, your company’s data—as well as your customers’—remains at risk to cybercriminals, which places the onus on you to protect your...

AI score: 7.2
Exploits: 0

Rapid7 Blog
added 2020/12/01 8:8 p.m., 28 views

Rapid7 Recognized as a Strong Performer Among Security Analytics Providers by Leading Industry Report

At Rapid7, we recognize that security professionals are facing a more challenging landscape than ever before. The mission of InsightIDR—our natively cloud SIEM—is to remove the drudgery and operational burdens associated with traditional approaches, and drive efficient, effective detection and...

AI score: 7.1
Exploits: 0

Rapid7 Blog
added 2020/11/30 2:14 p.m., 112 views

NICER Protocol Deep Dive: Internet Exposure of Redis

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

CVSS: 10, AI score: 7.1, EPSS: 0.09636
Exploits: 2

Rapid7 Blog
added 2020/11/27 4:22 p.m., 98 views

Metasploit Wrap-Up

Exploiting weak configurations Community contributor Graeme Robinson added two modules targeting insecurely configured API's, both of which lead to remote code execution. The first module exploits a lack of access control in Apache NiFi, which allows for the creation of an ExecuteProcess processo...

CVSS: 9, AI score: 1.2, EPSS: 0.67168
Exploits: 9

Rapid7 Blog
added 2020/11/24 2:39 p.m., 51 views

CVE-2020-7378: OpenCRX Unverified Password Change (FIXED)

OpenCRX version 4.30 and version 5.0-20200717 suffers from an unverified password change vulnerability, which is an instance of CWE-620. This vulnerability has a CVSSv3 score of 9.1, which is usually CRITICAL, since it effectively allows anyone who can connect to the OpenCRX server to change the...

CVSS: 6.4, AI score: 9.2, EPSS: 0.02617
Exploits: 1

Rapid7 Blog
added 2020/11/23 8:46 p.m., 23 views

Don’t Let These Top Cloud Myths Hamper Your Business Decision-Making

The cloud remains a dominant technology innovation well into its second decade of existence. However, after all this time, certain cloud computing myths still creep into the minds of CIOs and other denizens of the corner office. For example, some business decision-makers feel the cloud is simply ...

AI score: 6.7
Exploits: 0

Rapid7 Blog
added 2020/11/23 2:43 p.m., 38 views

NICER Protocol Deep Dive: Internet Exposure of Microsoft SQL Server (MS SQL) (UDP/1434)

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

AI score: 8.5
Exploits: 0

Rapid7 Blog
added 2020/11/20 7:52 p.m., 161 views

Metasploit Wrap-Up

It’s 11 o’clock. Do you know where your file uploads are? Repeat contributor Erik Wynter and our own wvu-r7 each submitted modules exploiting web applications which allow attackers to upload files to arbitrary locations, including where the web application would interpret them as code! The first...

CVSS: 7.5, AI score: 9.5, EPSS: 0.9927
Exploits: 13

Rapid7 Blog
added 2020/11/19 5:7 p.m., 49 views

Announcing the 2020 December Metasploit community CTF

It’s time for another Metasploit community CTF! We're back on our usual end-of-year schedule this time around, and we’re doing a few things differently. Past CTFs have featured a wide range of challenges across different architectures, difficulty levels, and targets. This year, we wanted to make...

AI score: 7.1
Exploits: 0

Rapid7 Blog
added 2020/11/19 2:51 p.m., 38 views

This One Time on a Pen Test: CSRF to Password Reset Phishing

Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2020 Under the Hoodie report...

AI score: 7.5
Exploits: 0

Rapid7 Blog
added 2020/11/18 6:18 p.m., 22 views

Congress unanimously passes federal IoT security law

The US Senate unanimously passed the IoT Cybersecurity Improvement Act (H.R.1668) yesterday. The US House passed the bill in September, so it is highly likely to become law, barring a Presidential veto. This is arguably the most significant US IoT-specific cybersecurity law to date, as well as the...

AI score: 0.5
Exploits: 0

Total number of security vulnerabilities: 1723