
1723 matches found

Rapid7 Blog
added 2025/05/28 1:0 p.m., 7 views

Key Takeaways from the Take Command Summit 2025: Customer Panel on Future-Proofing VM Programs

One of the most actionable sessions at the Take Command 2025 Virtual Cybersecurity Summit came directly from the field. In a panel hosted by Aniket Menon, VP of Product Management at Rapid7, security leaders from Cross Financial Corp, Phibro Animal Health Corporation, and Miltenyi Biotec shared h...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/27 2:0 p.m., 13 views

Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape

When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines. But this incident wasn’t the first, and it won’t be the last. It reflects a growing trend where attackers exploit third-party vendors to breach...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/27 2:0 p.m., 5 views

Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape

When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines. But this incident wasn’t the first, and it won’t be the last. It reflects a growing trend where attackers exploit third-party vendors to breach...

6.9 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/23 1:0 p.m., 8 views

Threats don’t wait, neither should you: Mastering Emergent Threat Response Validation

Cybersecurity is a team sport In cybersecurity, no one fights alone. Defending against modern threats requires seamless collaboration, real-time intelligence, and precision execution—just like a well-coordinated sports team. That’s why Rapid7 Labs and our Vector Command team work together to stay...

7.1 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/22 6:14 p.m., 34 views

Metasploit Wrap-Up

Making Metasploit faster This week's wrap-up includes many new modules, but notably, we've upgraded Metasploit loading. Thanks to bcoles, the bootup performance when searching for a module has been increased in 20166. Also, we've reduced Metasploit startup time - in 20155. New module content 6...

9.3 CVSS, 10 AI score, 0.99973 EPSS
Exploits: 22

Rapid7 Blog
added 2025/05/22 3:0 p.m., 9 views

What the Take Command 2025 Survey Tells Us About the State of Security

The Take Command 2025 Virtual Cybersecurity Summit wasn’t just about sharing insights, it was about listening. After the live sessions wrapped, we surveyed attendees to understand where their security programs stand today, what challenges they’re facing, and what they found most valuable during t...

7.1 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/22 12:0 p.m., 40 views

NSIS Abuse and sRDI Shellcode: Anatomy of the Winos 4.0 Campaign

Co-authored by Anna Širokova and Ivan Feigl Executive summary Rapid7 has been tracking a malware campaign that uses fake software installers disguised as popular apps like VPN and QQBrowser—to deliver Winos v4.0, a hard-to-detect malware that runs entirely in memory and gives attackers remote...

7.8 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/21 2:0 p.m., 11 views

Key Takeaways from the Take Command Summit 2025: Inside the Mind of an Attacker

In one of the most anticipated sessions of Take Command 2025, Raj Samani, Chief Scientist at Rapid7, sat down with Trent Teyema, former FBI Special Agent and President of CSG Strategies, for a candid conversation on how threat actors are evolving and what defenders must do to keep up. Moderated b...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/21 2:0 p.m., 6 views

Key Takeaways from the Take Command Summit 2025: Inside the Mind of an Attacker

In one of the most anticipated sessions of Take Command 2025, Raj Samani, Chief Scientist at Rapid7, sat down with Trent Teyema, former FBI Special Agent and President of CSG Strategies, for a candid conversation on how threat actors are evolving and what defenders must do to keep up. Moderated b...

7 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/16 4:38 p.m., 35 views

Metasploit Wrap-Up 05/16/2025

New modules for everyone This week’s release is packed with new module content. We have RCE modules for Car Rental System 1.0, Wordpress plugins SureTriggers, User Registration and Membership. We also have a persistence module for LINQPad software and an auxiliary module for POWERCOM UPSMON PRO. ...

8.1 CVSS, 9.2 AI score, 0.76286 EPSS
Exploits: 24

Rapid7 Blog
added 2025/05/16 11:0 a.m., 18 views

Ivanti Endpoint Manager Mobile exploit chain exploited in the wild

On May 13, 2025, Ivanti disclosed an exploited in the wild exploit chain, comprising of two new vulnerabilities affecting Ivanti Endpoint Manager Mobile EPMM: CVE-2025-4427 and CVE-2025-4428. Ivanti EPMM is an enterprise-focused software suite for IT teams to manage mobile devices, applications,...

8.8 CVSS, 7.4 AI score, 0.99589 EPSS
Exploits: 10

Rapid7 Blog
added 2025/05/16 11:0 a.m., 8 views

Ivanti Endpoint Manager Mobile exploit chain exploited in the wild

On May 13, 2025, Ivanti disclosed an exploited in the wild exploit chain, comprising of two new vulnerabilities affecting Ivanti Endpoint Manager Mobile EPMM: CVE-2025-4427 and CVE-2025-4428. Ivanti EPMM is an enterprise-focused software suite for IT teams to manage mobile devices, applications,...

8.8 CVSS, 9.4 AI score, 0.99589 EPSS
Exploits: 10

Rapid7 Blog
added 2025/05/14 2:59 p.m., 6 views

CVE-2025-32756 Exploited in the Wild, Affecting Multiple Fortinet Products

On May 13, 2025, Fortinet disclosed CVE-2025-32756, an unauthenticated stack-based buffer overflow affecting multiple Fortinet products; including FortiVoice, FortiRecorder, FortiNDR, FortiMail, and FortiCamera. The vulnerability is rated as CVSS 9.6 Critical, and allows an unauthenticated remote...

9.8 CVSS, 10 AI score, 0.31419 EPSS
Exploits: 3

Rapid7 Blog
added 2025/05/14 2:59 p.m., 48 views

CVE-2025-32756 Exploited in the Wild, Affecting Multiple Fortinet Products

On May 13, 2025, Fortinet disclosed CVE-2025-32756, an unauthenticated stack-based buffer overflow affecting multiple Fortinet products; including FortiVoice, FortiRecorder, FortiNDR, FortiMail, and FortiCamera. The vulnerability is rated as CVSS 9.6 Critical, and allows an unauthenticated remote...

9.8 CVSS, 10 AI score, 0.31419 EPSS
Exploits: 3

Rapid7 Blog
added 2025/05/13 8:58 p.m., 31 views

Patch Tuesday - May 2025

Microsoft is addressing 77 vulnerabilities this May 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation for five of the vulnerabilities published today, and these are already reflected in CISA KEV. Separately, Microsoft is aware of existing public disclosure for two...

10 CVSS, 9.8 AI score, 0.57672 EPSS
Exploits: 14

Rapid7 Blog
added 2025/05/13 8:58 p.m., 8 views

Patch Tuesday - May 2025

Microsoft is addressing 77 vulnerabilities this May 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation for five of the vulnerabilities published today, and these are already reflected in CISA KEV. Separately, Microsoft is aware of existing public disclosure for two...

9.8 CVSS, 9.1 AI score, 0.21562 EPSS
Exploits: 8

Rapid7 Blog
added 2025/05/13 1:0 p.m., 22 views

Vendor-Agnostic Security: The Key To Smarter Risk Management

Security teams are investing in more tools than ever – but visibility into real risk is still elusive. Why? Because too many tools are locked inside closed ecosystems that don’t share data or context. A vendor-agnostic security strategy changes that. It gives you the flexibility to integrate...

7.5 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/12 2:1 p.m., 16 views

Recognizing Excellence: Rapid7’s Kelly Hiscoe and Heather DeMartini Honored as CRN’s 2025 Women of the Channel

We are thrilled to announce that two outstanding Rapid7 team members, Kelly Hiscoe and Heather DeMartini, have been recognized as CRN's 2025 Women of the Channel. This prestigious recognition honors innovative and strategic leaders that demonstrate commitment to advancing channel excellence and...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/09 5:10 p.m., 18 views

Metasploit Wrap-Up 05/09/2025

New Toys and New Techniques This release features a new OPNSense login scanner, a module targeting the Sante PACS path traversal vulnerability, an additional method for stealing Network Access Account credentials via SMB to HTTP relay, and the Erlang/OTP SSH exploit everyone was excited about. Ne...

10 CVSS, 9.8 AI score, 0.97673 EPSS
Exploits: 38

Rapid7 Blog
added 2025/05/07 8:18 p.m., 25 views

Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)

Overview In April of 2025, Rapid7 discovered and disclosed three new vulnerabilities affecting SonicWall Secure Mobile Access “SMA” 100 series appliances SMA 200, 210, 400, 410, 500v. These vulnerabilities are tracked as CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821. An attacker with access ...

8.8 CVSS, 9.2 AI score, 0.29415 EPSS
Exploits: 1

Rapid7 Blog
added 2025/05/07 8:18 p.m., 6 views

Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)

Overview In April of 2025, Rapid7 discovered and disclosed three new vulnerabilities affecting SonicWall Secure Mobile Access “SMA” 100 series appliances SMA 200, 210, 400, 410, 500v. These vulnerabilities are tracked as CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821. An attacker with access ...

8.8 CVSS, 10 AI score, 0.29415 EPSS
Exploits: 1

Rapid7 Blog
added 2025/05/07 1:0 p.m., 12 views

Exploring an Untethered, Unified Approach to CTEM

We live in a world where traditional Vulnerability Management VM has become infosec’s version of ‘whack-a-mole’— an attempt to tackle risks that constantly shift, multiply, and morph. As organizations push workloads to the cloud, offer customers digital experiences, or as they build AI-enabled...

7.9 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/07 1:0 p.m., 6 views

Exploring an Untethered, Unified Approach to CTEM

We live in a world where traditional Vulnerability Management VM has become infosec’s version of ‘whack-a-mole’— an attempt to tackle risks that constantly shift, multiply, and morph. As organizations push workloads to the cloud, offer customers digital experiences, or as they build AI-enabled...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/06 1:0 p.m., 14 views

Key Takeaways from the Take Command Summit 2025: From Zero to Hero: Building the Perfect Defense

At Take Command 2025, bold ideas and fresh thinking took center stage — in particular in our opening talk From Zero to Hero: Building the Perfect Defense. Led by Ted Harrington, Executive Partner at ISE, and hosted by Thom Langford, EMEA CTO at Rapid7, this session challenged security leaders to...

7.3 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/02 7:38 p.m., 13 views

Metasploit Wrap-Up 05/02/2025

Meterpreter Extended API Clipboard Monitoring Security is hard, and Open Source Security is a collaborative effort. This week, Metasploit released a fix for a vulnerability that was privately disclosed to us by long-time community member bcoles. The vulnerability in question impacted Metasploit...

6.1 CVSS, 7.1 AI score, 0.54305 EPSS
Exploits: 16

Rapid7 Blog
added 2025/05/01 3:5 p.m., 12 views

Why is Ransomware Still a Thing in 2025?

When was the last time you had a serious conversation about cybersecurity that didn’t touch on ransomware? We all know that it’s one of the most persistent and damaging threats out there. Yet, this isn’t because it’s new—ransomware’s been around since 1989—but because we are making it far too eas...

7.6 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/01 3:5 p.m., 5 views

Why is Ransomware Still a Thing in 2025?

When was the last time you had a serious conversation about cybersecurity that didn’t touch on ransomware? We all know that it’s one of the most persistent and damaging threats out there. Yet, this isn’t because it’s new—ransomware’s been around since 1989—but because we are making it far too eas...

7.2 AI score
Exploits: 0

Rapid7 Blog
added 2025/05/01 1:0 p.m., 11 views

AI and Resilience Take the Spotlight in 2025: Key Trends from Gartner® Cybersecurity Research

Cybersecurity has never stood still — but in 2025, it’s not just evolving. It’s transforming. Cybersecurity has entered a pivotal new phase. According to Gartner®, Top Trends in Cybersecurity for 2025 , “Security and risk management SRM leaders must enable business value and double down on...

7.1 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/30 1:0 p.m., 5 views

Three Takeaways from the Gartner® Report: How to Grow Vulnerability Management Into Exposure Management

Security leaders today face a harsh reality: traditional vulnerability management isn’t enough. Threat actors are evolving, attack surfaces are expanding, and organizations need a more proactive approach to stay ahead of risk. Latest research from Gartner, How to Grow Vulnerability Management Int...

7.1 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/30 1:0 p.m., 14 views

Three Takeaways from the Gartner® Report: How to Grow Vulnerability Management Into Exposure Management

Security leaders today face a harsh reality: traditional vulnerability management isn’t enough. Threat actors are evolving, attack surfaces are expanding, and organizations need a more proactive approach to stay ahead of risk. Latest research from Gartner, How to Grow Vulnerability Management Int...

7.5 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/29 12:45 p.m., 9 views

Reinforcing resilience with financial assurance: Breach protection matters now more than ever

Introducing Rapid7’s value-added Breach Protection Warranty that delivers confidence, clarity, and coverage when it matters most. Life’s old adage often applies in security: Hope for the best, prepare for the worst. In today’s threat landscape, even the best-prepared organizations can’t guarantee...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/29 12:40 p.m., 29 views

InsightIDR AI Alert Triage Automatically Classifies Alerts with 99.93% Accuracy

Rapid7 AI Alert Triage helps SOC analysts quickly and accurately triage thousands of daily alerts, improving efficiency and enabling focus. One universal truth in Security Operations Centers SOCs is that analysts are overwhelmed by the high volume of alerts they receive. In a recent survey, SOC...

7.2 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/29 12:35 p.m., 20 views

Deepening the MDR partnership: Rapid7 now delivers Active Remediation with Velociraptor

Rapid7 is expanding its response capabilities to meet the demands and relentless pace of today’s threat landscape – and the operational needs of our customers. Partnership means many things to us here at Rapid7. It means showing up with trusted expertise, providing clear guidance in moments of...

7.1 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/29 12:30 p.m., 18 views

Driving down MTTR with Remediation Hub, Available in Rapid7 Exposure Command

Co-authored by Peter Whibley, Ed Montgomery, and Joel Alcon Technology innovation combined with the highly fragmented nature of today's IT landscape means that vulnerabilities are being exploited faster and at greater scale than ever. Security teams contend with a daily surge of new threat actors...

7.7 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/29 12:26 p.m., 6 views

From Exposure to Assurance: Unified Remediation Across the Security Lifecycle

When it comes to defending your organization, every second counts. The time to detect, respond, and remediate is critical, but speed alone isn't enough. Fragmentation across security tools, siloed teams, and manual workflows leaves organizations constantly reactive, overwhelmed by alerts, and at...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/28 1:0 p.m., 16 views

Introducing Rapid7’s Exposure Assessment Platform Buyer’s Guide

Cybersecurity threats are evolving at an unprecedented pace, making it imperative for organizations to stay ahead of attackers with proactive security measures. To help organizations navigate this rapidly changing threat landscape, we are excited to introduce the Exposure Assessment Platform EAP...

7.9 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/28 11:57 a.m., 27 views

Active exploitation of SAP NetWeaver Visual Composer CVE-2025-31324

On Thursday, April 24, enterprise resource planning company SAP published a CVE and a day later, an advisory behind login for CVE-2025-31324, a zero-day vulnerability in NetWeaver Visual Composer that carries a CVSSv3 score of 10. The vulnerability arises from a missing authorization check in...

10 CVSS, 9.5 AI score, 0.99359 EPSS
Exploits: 18

Rapid7 Blog
added 2025/04/28 11:57 a.m., 7 views

Active exploitation of SAP NetWeaver Visual Composer CVE-2025-31324

On Thursday, April 24, enterprise resource planning company SAP published a CVE and a day later, an advisory behind login for CVE-2025-31324, a zero-day vulnerability in NetWeaver Visual Composer that carries a CVSSv3 score of 10. The vulnerability arises from a missing authorization check in...

10 CVSS, 9.1 AI score, 0.99359 EPSS
Exploits: 18

Rapid7 Blog
added 2025/04/25 8:3 p.m., 40 views

Metasploit Wrap-Up 04/25/2025

AD CS workflow improvement with new PKCS12 features Given the increasing popularity of AD CS misconfiguration exploitation in recent years, Metasploit has been consistently improving its capabilities in this area. This week’s release introduces a new certs command to the msfconsole, enabling user...

9.8 CVSS, 9.8 AI score, 0.45773 EPSS
Exploits: 4

Rapid7 Blog
added 2025/04/24 1:45 p.m., 16 views

THE NEW Rapid7 MDR for Enterprise: Tailored Detection and Response for Complex Environments

Complex ecosystems. Custom applications. Specialized log sources. Distributed operations. Enterprise security leaders aren’t just defending against threats—they’re navigating a fragmented environment where visibility, coverage, and coordination are constant challenges. Our MDR service provides...

7.2 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/23 1:0 p.m., 19 views

From Noise to Action: Introducing Intelligence Hub

Co-authored by Raj Samani Chief Scientist & Craig Adams Chief Product Officer In traditional conflicts, intelligence is both integral and beneficial to decision-making at every level. Unfortunately, in cybersecurity, the impact of threat intelligence as an asset for organizations—and in particula...

9.8 CVSS, 7.2 AI score, 0.98259 EPSS
Exploits: 9

Rapid7 Blog
added 2025/04/21 1:0 p.m., 12 views

Top Lessons from Take Command 2025

The live sessions may be over, but with every talk now available on demand, it’s the perfect time to reflect on the biggest takeaways from this year’s summit—and how they can help security teams move faster, act smarter, and take control of their attack surface. From red teaming tactics to...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/18 2:58 p.m., 21 views

Metasploit Wrap-Up 04/18/2025

Smaller Fetch Payloads This week, a significant enhancement was made to the already awesome fetch payload feature by our very own bwatters-r7. The improvement introduces a new option, PIPEFETCH, which optimizes the process by serving both the payload and the command to be executed simultaneously...

9.8 CVSS, 10 AI score, 0.99968 EPSS
Exploits: 38

Rapid7 Blog
added 2025/04/16 2:56 p.m., 3 views

Following the News: MITRE’s Common Vulnerabilities and Exposures (CVE) Funding

The current situation On April 16, CISA extended funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures CVE program. This was in response to a letter sent by MITRE on April 15 to CVE board members warning of a potential issue with MITRE's support for the CVE...

6.8 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/16 2:56 p.m., 9 views

Following the News: MITRE’s Common Vulnerabilities and Exposures (CVE) Funding

The current situation On April 16, CISA extended funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures CVE program. This was in response to a letter sent by MITRE on April 15 to CVE board members warning of a potential issue with MITRE's support for the CVE...

7.1 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/14 2:30 p.m., 6 views

Take Command 2025: A Day of Insight, Innovation, and Impact

Take Command 2025 is officially in the books. From the opening sessions to the final takeaways, the summit delivered a full day of high-impact discussions, fresh research, and powerful stories from across the cybersecurity spectrum. This year’s event brought together cybersecurity leaders,...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/11 6:3 p.m., 47 views

Metasploit Weekly Wrap-Up 04/11/2025

Spring Exploits This weekly release of Metasploit Framework includes new RCE exploit modules for several vulnerable applications: Appsmith, a low-code application platform which contains a misconfiguration on PostgreSQL CVE-2024-55964; Pandora FMS, a monitoring solution, where, once gained access...

8.6 CVSS, 10 AI score, 0.96284 EPSS
Exploits: 24

Rapid7 Blog
added 2025/04/10 1:0 p.m., 10 views

Password Spray Attacks Taking Advantage of Lax MFA

In the first quarter of 2025, Rapid7’s Managed Threat Hunting team observed a significant volume of brute-force password attempts leveraging FastHTTP, a high-performance HTTP server and client library for Go, to automate unauthorized logins via HTTP requests. This rapid volume of credential...

7.6 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/10 1:0 p.m., 5 views

Password Spray Attacks Taking Advantage of Lax MFA

In the first quarter of 2025, Rapid7’s Managed Threat Hunting team observed a significant volume of brute-force password attempts leveraging FastHTTP, a high-performance HTTP server and client library for Go, to automate unauthorized logins via HTTP requests. This rapid volume of credential...

6.8 AI score
Exploits: 0

Rapid7 Blog
added 2025/04/08 8:30 p.m., 47 views

Patch Tuesday - April 2025

Microsoft is addressing 121 vulnerabilities this April 2025 Patch Tuesday, which is more than twice as many as last month. Microsoft has evidence of in-the-wild exploitation for just one of the vulnerabilities published today, which is already reflected in CISA KEV. Once again, Microsoft has...

8.8 CVSS, 9.1 AI score, 0.1806 EPSS
Exploits: 11

Total number of security vulnerabilities: 1723