Rapid7community: most viewed

138 matches found

rapid7community
added 2017/06/19 2:52 p.m. | 86 views

Wanna Decryptor (WNCRY) Ransomware Explained

Mark the date: May 12, 2017. This is the day the "ransomworm" dubbed "WannaCry" / "Wannacrypt" burst -- literally -- onto the scene with one of the initial targets being the British National Health Service. According to The Guardian: the "unprecedented attack… affected 12 countries and at least 1...

AI score: 7.1
Exploits: 0

rapid7community
added 2017/07/17 6:38 p.m. | 81 views

Building a Car Hacking Development Workbench: Part 1

Introduction There is a vast body of knowledge hiding inside your car. Whether you are an auto enthusiast, developer, hobbyist, security researcher, or just curious about vehicles, building a development bench can be an exciting project to facilitate understanding and experimentation without...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/07/26 12:49 p.m. | 75 views

How Do You Identify Zero-Days and Fileless Malware? Download (the) RAM.

Banner Source: The ever-handy http://www.downloadmoreram.com. When a tactic becomes less and less effective, it's important to shift strategies and adapt. With malware, attackers are doing exactly that. As preventative measures such as antivirus and endpoint detection and response continue to...

AI score: 7.6
Exploits: 0

rapid7community
added 2017/07/20 12:9 p.m. | 72 views

(Server) Ransomware in the Cisco 2017 Midyear Cybersecurity Report: Rapid7's Readout

It's summer in the northern hemisphere and many folks are working their way through carefully crafted reading lists, rounding out each evening exploring fictional lands or investigating engrossing biographies. I'm hoping that by the end of this post, you'll be adding another item to your "must...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/07/05 2:1 p.m. | 71 views

Running an Effective Incident Response Tabletop Exercise

Are you ready for an incident? Are you confident that your team knows the procedures, and that the procedures are actually useful? An incident response tabletop exercise is an excellent way to answer these questions. Below, I've outlined some steps to help ensure success for your scenario-based...

AI score: 6.9
Exploits: 0

rapid7community
added 2017/05/31 9:5 p.m. | 70 views

How to Combine D3 with AngularJS

The Benefits and Challenges of D3 Angular Combination Today we'll be focusing on how to combine D3 with the AngularJS framework. As we all know, Angular and D3 frameworks are very popular, and once they work together they can be very powerful and helpful when creating dashboards. But, they can al...

AI score: 6.7
Exploits: 0

rapid7community
added 2017/04/11 4:19 p.m. | 64 views

InsightVM: Analytics-driven Vulnerability Management, All The Way To The End(point)

In 2015 Rapid7 introduced the Insight platform, built to reduce the complexity inherent in security analytics. This reality was introduced first to our InsightIDR users, who now had the capabilities of a SIEM, powered by user behavior analytics (UBA) and endpoint detection. Soon we started to roll...

AI score: 6.7
Exploits: 0

rapid7community
added 2017/07/11 6:7 p.m. | 63 views

Cleaning House: Maintaining an accurate and relevant vulnerability management program

When Nexpose launched in the early 2000s, technology was vastly different from the world we live in today: most people connected to the internet over dial-up modems, personal computers were shared within the household, and televisions were still set-top boxes. Technology has evolved dramatically...

AI score: 6.7
Exploits: 0

rapid7community
added 2017/08/22 12:6 p.m. | 59 views

R7-2017-07: Multiple Fuze TPN Handset Portal vulnerabilities (FIXED)

This post describes three security vulnerabilities related to access controls and authentication in the TPN Handset Portal, part of the Fuze platform. Fuze fixed all three issues by May 6, 2017, and user action is not required to remediate. Rapid7 thanks Fuze for their quick and thoughtful respon...

AI score: 7.2
Exploits: 0

rapid7community
added 2017/04/20 1:6 p.m. | 59 views

Live Vulnerability Monitoring with Agents for Linux…and more

A few months ago, I shared news of the release of the macOS Insight Agent. Today, I'm pleased to announce the availability of the Linux Agent within Rapid7's vulnerability management solutions. The arrival of the Linux Agent completes the trilogy that Windows and macOS began in late 2016. For...

AI score: 7
Exploits: 0

rapid7community
added 2017/03/21 3:3 p.m. | 59 views

Combining Responder and PsExec for Internal Penetration Tests

By Emilie St-Pierre, TJ Byrom, and Eric Sun Ask any pen tester what their top five penetration testing tools are for internal engagements, and you will likely get a reply containing nmap, Metasploit, CrackMapExec, SMBRelay and Responder. An essential tool for any whitehat, Responder is a Python...

AI score: 7.7
Exploits: 0

rapid7community
added 2017/05/20 2:40 p.m. | 58 views

EternalBlue: Metasploit Module for MS17-010

This week's release of Metasploit includes a scanner and exploit module for the EternalBlue vulnerability, which made headlines a couple of weeks ago when hacking group, the Shadow Brokers, disclosed a trove of alleged NSA exploits. Included among them, EternalBlue, exploits MS17-010, a Windows S...

AI score: 6.9
Exploits: 0

rapid7community
added 2017/08/21 7:1 p.m. | 56 views

Survival of the fastest: evolving defenders with broad security automation

If you've read the news at all lately, you know that we're having some struggles with information security. Everything from elections to hospitals to Westeros is considered a target, and adversaries continue to learn and innovate--often faster than the defense can respond. It's not that they have...

AI score: 6.5
Exploits: 0

rapid7community
added 2017/07/20 6:44 p.m. | 56 views

Announcement: End-of-life Metasploit 32-bit versions

UPDATE: With the release of version 4.15 on July 19, 2017, commercial Metasploit 32-bit platforms Metasploit Pro, Metasploit Express, and Metasploit Community no longer receive future product or content updates. These platforms are now obsolete and are no longer supported. Rapid7 announced the en...

AI score: 6.5
Exploits: 0

rapid7community
added 2017/06/01 8:0 p.m. | 55 views

R7-2017-05 | CVE-2017-3211: Centire Yopify Information Disclosure

This post describes a vulnerability in Yopify, a plugin for various popular e-commerce platforms, as well as remediation steps that have been taken. Yopify leaks the first name, last initial, city, and recent purchase data of customers, all without user authorization. This poses a significant...

AI score: 5.7 | EPSS: 0.00829
Exploits: 1

rapid7community
added 2017/08/17 5:27 p.m. | 54 views

More Answers, Less Query Language: Bringing Visual Search to InsightIDR

Sitting down with your data lake and asking it questions has never been easy. In the infosec world, there are additional layers of complexity. Users are bouncing between assets, services, and geographical locations, with each monitoring silo producing its own log files and slivers of the complete...

AI score: 6.7
Exploits: 0

rapid7community
added 2017/06/02 1:15 p.m. | 54 views

Getting started in sales: Q&A with Eric Erston

Today we're excited to introduce a key leader in Rapid7's sales organization: Eric Erston is Rapid7's senior vice president of sales for the Americas region. He has extensive experience in a variety of sales roles, including leading go-to-market functions for mergers and acquisitions. Prior to...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/08/18 4:6 p.m. | 52 views

Metasploit: The New Shiny

It's been a while since I've written a blog post about new stuff in Metasploit and I'm not sure if the editors will let me top the innuendo of the last one. But I'm privileged to announce that I'm speaking about Metasploit twice next month: once at the FSec 17 Conference in Varaždin, Croatia...

AI score: 6.5
Exploits: 0

rapid7community
added 2017/08/17 3:6 p.m. | 52 views

You've Got 0-Day!

Hey all, it feels like it's been forever since I wrote a blog post that wasn't about some specific disaster currently consuming the Internet, so I just wanted to drop a note here about how I'll be speaking at UNITED 2017, Rapid7's annual security summit in Boston September 11-14. Specifically, I'll be...

AI score: 6.6
Exploits: 0

rapid7community
added 2017/06/07 7:37 p.m. | 52 views

WannaCry coda: Have you disabled SMBv1?

By now, if you're reading this blog, you probably have read about WannaCry. If not, please take a moment to review: Wanna Decryptor WNCRY Ransomware Explained Using Threat Intelligence to Mitigate Wanna Decryptor WannaCry WannaCry Update: Vulnerable SMB Shares Are Widely Deployed And People Are...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/05/09 4:38 p.m. | 52 views

SIEM Security Tools: Four Expensive Misconceptions

Why modern SIEM security solutions can save you from data and cost headaches. If you want to reliably detect attacks across your organization, you need to see all of the activity that's happening on your network. More importantly, that activity needs to be filtered and prioritized by risk -- acros...

AI score: 6.6
Exploits: 0

rapid7community
added 2017/07/21 5:3 p.m. | 50 views

Virtual Machine Automation (vm-automation) repository released

Rapid7 just released a new public repo called vm-automation. The vm-automation repository is a Python library that encapsulates existing methodologies for virtual machine and hypervisor automation and provides a platform-agnostic Python API. Currently, only ESXi and VMWare workstation are...

AI score: 7.2
Exploits: 0

rapid7community
added 2017/07/18 3:36 p.m. | 49 views

InsightVM now available in Japan

InsightVM customers can now choose to store their InsightVM data in Japan. At Rapid7, we enable customers to comply with policies and preferences by selecting the region where their data is transmitted, processed, and stored. We're excited to announce that Japan joins our existing data centers in...

AI score: 6.7
Exploits: 0

rapid7community
added 2017/07/17 5:19 p.m. | 48 views

Building a Car Hacking Development Workbench: Part 2

This is part two of a three-part series. Part one covered how to build a development workbench. Part two of this series will cover reading electrical diagrams and serve as a primer for part three, where we will re-engineer common circuit types found in vehicles. Electrical Diagrams &...

AI score: 6.7
Exploits: 0

rapid7community
added 2017/05/17 9:31 p.m. | 47 views

CVE-2017-5242: Nexpose/InsightVM Virtual Appliance Duplicate SSH Host Key

Today, Rapid7 is notifying Nexpose and InsightVM users of a vulnerability that affects certain virtual appliances. While this issue is relatively low severity, we want to make sure that our customers have all the information they need to make informed security decisions regarding their networks. ...

AI score: 7.4 | EPSS: 0.00376
Exploits: 0

rapid7community
added 2017/05/08 1:47 p.m. | 47 views

Simple Vulnerability Remediation Collaboration with InsightVM

Many security groups today use ticketing systems that were originally designed for IT or developers, and are usually ill-suited to their vulnerability management needs. Even more commonly, teams simply rely on spreadsheets and unwieldy reports. On the other end of the spectrum, some security team...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/08/24 4:14 p.m. | 44 views

The Next Generation of the Rapid7 Community

Rapid7's community is evolving! For the past several years, community.rapid7.com has been our platform for news and knowledge spanning blogs, questions, discussion, and documentation. We have tried to ensure that our community site has been a source of pragmatic, down-to-earth information and...

AI score: 6.6
Exploits: 0

rapid7community
added 2017/08/15 5:41 p.m. | 44 views

Top Reasons for Graduate Students to Attend UNITED

The countdown is on to Rapid7's annual UNITED Summit in Boston on September 13-14. Rapid7 has partnered with top universities all over the globe to provide students with industry-leading security solutions as part of their coursework, equipping them with hands-on knowledge as they head into the...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/05/31 9:16 p.m. | 43 views

DevOps: Vagrant with AWS EC2 & Digital Ocean

The Benefits of Vagrant Plugins Following on from my recent DevOps blog posts, The DevOps Tools We Use & How We Use Them and Vagrant with Chef-Server, we will take another step forward and look into provisioning our servers in the cloud. There are many cloud providers out there, most who provide...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/05/10 3:4 p.m. | 41 views

IoT Security Testing Methodology

By Deral Heiland IoT - IoT Research Lead Rapid7 Nathan Sevier - Senior Consultant Rapid7 Chris Littlebury - Threat Assessment Manage Rapid7 End-to-end ecosystem methodology When examining IoT technology, the actionable testing focus and methodology is often applied solely to the embedded device...

AI score: 7.1
Exploits: 0

rapid7community
added 2017/05/16 10:42 p.m. | 40 views

WannaCry Update: Vulnerable SMB Shares Are Widely Deployed And People Are Scanning For Them

WannaCry Overview Last week the WannaCry ransomware worm, also known as Wanna Decryptor, Wanna Decryptor 2.0, WNCRY, and WannaCrypt started spreading around the world, holding computers for ransom at hospitals, government offices, and businesses. To recap: WannaCry exploits a vulnerability in the...

AI score: 6.5
Exploits: 0

rapid7community
added 2017/05/15 3:1 p.m. | 40 views

Exploitable Vulnerabilities: A Metasploit-Vulnerability Management Love Story

Integrating InsightVM or Nexpose (Rapid7's vulnerability management solutions) with Metasploit (our penetration testing solution) is a lot like Cupid playing "matchmaker" with vulnerabilities and exploit modules. When a vulnerability scan is imported into Metasploit, many things happen under the hood...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/06/13 2:5 p.m. | 39 views

Why you have to move beyond “We have a policy for that”

I've never been a big fan of - or have believed in the value of - security policies. Sure, they're necessary for setting expectations and auditors want to see them. They can also serve as a sort of insurance policy to fall back on when an unexpected security "event" occurs. But, at the end of the...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/05/24 2:19 p.m. | 38 views

Heroku Dynos Explained

What are Heroku Dynos? If you've ever hosted an application on Heroku, the popular platform as a service, you're likely at least aware of the existence of "Dynos". But what exactly are Heroku Dynos and why are they important? As explained in Heroku's docs, Dynos are simply lightweight Linux containe...

AI score: 6.6
Exploits: 0

rapid7community
added 2017/05/05 12:1 p.m. | 38 views

2017 Verizon Data Breach Report (DBIR): Key Takeaways

The much-anticipated, tenth-anniversary edition of the Verizon DBIR has been released (http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/), once again providing a data-driven snapshot into what topped the cybercrime charts in 2016. There are just under seventy-five information-rich...

AI score: 6.6
Exploits: 0

rapid7community
added 2017/06/13 6:7 p.m. | 37 views

Live Threat-Driven Vulnerability Prioritization

We often hear that security teams are overwhelmed by the number of vulnerabilities in their environments: every day they are finding more than they can fix. It doesn't help when rating schemes used for prioritization, like the Common Vulnerability Scoring System (CVSS), don't really work at scale or...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/05/12 9:23 p.m. | 37 views

White House Cybersecurity Executive Order Summary

Yesterday President Trump issued an Executive Order on cybersecurity: "Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure." The Executive Order (EO) appears broadly positive and well thought out, though it is just the beginning of a long process and not a sea change in...

AI score: 6.7
Exploits: 0

rapid7community
added 2017/06/16 2:51 p.m. | 36 views

Wanna see WannaCry vulns in Splunk?

Do you want to see your WannaCry vulns all in one dashboard in Splunk? We've got you covered. Before you start, make sure you have these two apps installed in your Splunk App: Rapid7 Nexpose Technology Add-On for Splunk Rapid7 Nexpose for Splunk Steps 1. Follow the directions in this blog post to...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/05/15 7:57 p.m. | 36 views

Using Threat Intelligence to Mitigate Wanna Decryptor (WannaCry)

Basics of Cyber Threat Intelligence Cyber Threat Intelligence is analyzed information about the opportunities, capabilities, and intent of cyber adversaries. The goal of cyber threat intelligence is to help people make decisions about how to prevent, detect, and respond to threats against their...

AI score: 6.5
Exploits: 0

rapid7community
added 2017/05/18 12:31 p.m. | 35 views

The CIS Critical Controls Explained - Control 7: Email and Web browser protection

This blog is a continuation of our blog post series around the CIS Critical Controls. The biggest threat surface in any organization is its workstations. This is the reason so many of the CIS Critical Security Controls relate to workstation and user-focused endpoint security. It is also the reaso...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/05/17 5:0 p.m. | 35 views

R7-2016-23, R7-2016-26, R7-2016-27: Multiple Home Security Vulnerabilities

Executive Summary In October of 2016, former Rapid7 researcher Phil Bosco discovered a number of relatively low-risk vulnerabilities and issues involving home security systems that are common throughout the United States, and which have significant WiFi or Ethernet capabilities. The three systems...

AI score: 6.9
Exploits: 0

rapid7community
added 2014/10/09 7:53 p.m. | 35 views

Scan Export/Import Using the nexpose-client Gem

The latest release 5.10.13 introduces a new feature into Nexpose, scan exporting and importing. We're looking to address a need in air-gap environments, where customers can have multiple consoles to address network partitioning. This approach is not without its warts. For example, if you have...

AI score: 6.6
Exploits: 0

rapid7community
added 2017/05/09 3:6 p.m. | 34 views

Project Sonar - Mo' Data, Mo' Research

Since its inception, Rapid7's Project Sonar has aimed to share the data and knowledge we've gained from our Internet scanning and collection activities with the larger information security community. Over the years this has resulted in vulnerability disclosures, research papers, conference...

AI score: 6.5
Exploits: 0

rapid7community
added 2017/06/05 8:40 p.m. | 33 views

The CIS Critical Security Controls Series

What are the CIS Critical Security Controls? The Center for Internet Security (CIS) Top 20 Critical Security Controls (previously known as the SANS Top 20 Critical Security Controls), is an industry-leading way to answer your key security question: "How can I be prepared to stop known attacks?" The...

AI score: 6.6
Exploits: 0

rapid7community
added 2017/08/08 1:45 p.m. | 32 views

Announcing the new log search UI for Logentries

We are excited to announce the upcoming release of our brand new log search functionality. This contains a number of new features and a lot of improvements to the user experience. Among some of the new features is a brand new query builder, the ability to change which logs should be in a log set,...

AI score: 6.6
Exploits: 0

rapid7community
added 2017/06/28 12:39 p.m. | 32 views

Copyright Office Calls For New Cybersecurity Researcher Protections

On Jun. 22, the US Copyright Office released its long-awaited study on Sec. 1201 of the Digital Millennium Copyright Act (DMCA), and it has important implications for independent cybersecurity researchers. Mostly the news is very positive. Rapid7 advocated extensively for researcher protections to ...

AI score: 6.8
Exploits: 0

rapid7community
added 2017/05/10 8:31 p.m. | 32 views

Announcement: End-of-life Metasploit 32-bit versions

Rapid7 announced the end of life of Metasploit Pro 32-bit versions for both Windows and Linux operating systems on July 5th, 2017. This announcement applies to all editions: Metasploit Pro, Metasploit Express and Metasploit Community. After this date Metasploit 32-bit platforms will not receive...

AI score: 6.5
Exploits: 0

rapid7community
added 2017/05/11 2:1 p.m. | 31 views

Discovery of assets in Active Directory

Many security teams work in a world that they can't fully see, let alone control. It can be difficult to know how to make meaningful progress in your vulnerability management program when simply maintaining visibility can be a struggle. One way to get some leverage is to make wise use of asset...

AI score: 6.7
Exploits: 0

rapid7community
added 2017/04/19 2:2 p.m. | 31 views

Rapid7 urges NIST and NTIA to promote coordinated disclosure processes

Rapid7 has long been a champion of coordinated vulnerability disclosure and handling processes as they play a critical role in both strengthening risk management practices and protecting security researchers. We not only use coordinated disclosure processes in our own vulnerability disclosure and...

AI score: 6.5
Exploits: 0

rapid7community
added 2017/06/19 3:58 p.m. | 30 views

What is BDD Testing: Practical Examples of Behavior Driven Development Testing

The Need for Behavior Driven Development (BDD) Testing Tools It should come as no surprise to learn that testing is at the heart of our engineers' daily activities. Testing is intrinsic to our development process, both in practical terms and in our thinking. Our engineers work with complex systems...

AI score: 7
Exploits: 0

Total number of security vulnerabilities: 138