4 min
AWS
Securing Buckets with Amazon S3 Block Public Access
Amazon Web Services recently introduced a new security enhancement to its cloud storage service: Amazon S3 Block Public Access.
3 min
Incident Detection
5 Tips For Monitoring Network Traffic on Your Network
Monitoring traffic on your network is important if you want to keep it secure. These five tips will help you get the most out of your (NTA) tool.
4 min
Application Security
How to Defend Against Magecart Using CSP
In this blog, we explain how you can defend against Magecart credit card skimming attacks by using HTTP's Content Security Policy.
1 min
Metasploit
Introducing Metasploit’s First Evasion Modules
Rapid7's Metasploit team is proud to announce we have released the first-ever antivirus evasion module in Metasploit Framework.
2 min
Application Security
The Newegg Breach: PCI Means Nothing to Magecart
Both the British Airways and Newegg breaches occurred at sites that followed data security rules but were not protected against attacks like Magecart.
2 min
Compliance
The British Airways Breach: PCI is Not Enough
Magecart's techniques are sophisticated and worth understanding in detail, especially because they point out a major gap that occurs even with perfect PCI compliance.
3 min
InsightIDR
Detecting Inbound RDP Activity From External Clients
Today, we discuss how to detect inbound RDP activity from external clients.
4 min
Threat Intel
Rapid7 Threat Intelligence Book Club: ‘Countdown to Zero Day’ Recap
The final section of Kim Zetter's “Countdown to Zero Day”pulls together the many factors that are present in attacks such as Stuxnet.
4 min
Do You Know Your AppSec ROI?
This blog was previously published on blog.tcell.io.
This week has been a pretty interesting week in breaches. With the recent news
of Magecart being the attacker of both Ticketmaster and British Airlines, you
can't help but wonder why companies aren't learning from each other so they
aren't faulted for the same vulnerabilities. The answer in most cases is that
they don’t have the resources available to stay ahead of these attacks. Security
has traditionally been seen as a cost center, but with
5 min
Serverless and the OWASP Top 10
This blog was previously published on blog.tcell.io.
This post kicks off a series we’re doing on serverless security, since it’s one
of the hot trends in application development. Over the next several weeks, I’ll
be writing about what serverless is, what types of applications benefit from it,
and the security considerations you might have when building your application on
bleeding-edge technology.
Serverless model
Serverless computing, sometimes called “Function as a Service” (FaaS), lets you
3 min
5 Ways RASP Will Make Your Pentest Painless
This blog was previously published on blog.tcell.io.
Regardless of the size of company you work for, penetration testing is a
cornerstone of an application security strategy, especially for companies that
need to satisfy certain compliance certifications, such as SOC 2 and PCI DSS.
Pen testing is a simulated attack against your web applications or a traditional
WAF [https://www.rapid7.com/fundamentals/web-application-firewalls/]. By using a
controlled attack plan coupled with runtime applicati
4 min
Cross-Site Scripting (XSS) Can Steal Payment Information from Payment Processors
This blog was previously published on blog.tcell.io.
Just because your payment processor has PCI Level 1 doesn't mean you can ignore
cross-site scripting (XSS)
[https://www.rapid7.com/fundamentals/cross-site-scripting/]. If you handle
money, you process credit cards (since it's pretty hard to email cash). To
prevent fraud, the card industry has created the PCI Data Security Standard
[https://www.pcisecuritystandards.org]. So, if you're processing cards, you'll
be safe if you follow the specifi
3 min
What's Going on in Production Application Security 2018
Today, we released theSecurity Report for Web Applications
[http://bit.ly/2nZCS7r](Q2 2018) which identified key threats in real-world web
application traffic in the Amazon Web Services (AWS) and Azure cloud ecosystems.
In evaluating 316 million incidents, it is clear that attacks against the
application are growing in volume and sophistication, and as such, continue to
be a major threat to business.
The majority of web application attacks are the result of overall scanning for
vulnerabilitie
2 min
Analysis of the Ticketmaster Breach
This blog was previously published on blog.tcell.io.
Although there have been a number of breaches in the past few weeks, the story
around the breach at Ticketmaster
[https://www.darkreading.com/attacks-breaches/ticketmaster-breach-part-of-massive-payment-card-hacking-campaign/d/d-id/1332266]
is more interesting than most. It combines sophisticated web design, reusable
components, the security model of the web browser, and even a dash of payment
regulations.
The breach itself is interesting b
5 min
CIS Controls
CIS Critical Security Control 18: Breaking Down the Control Chaos of Application Software Security
Application software security (Critical Control 18) may seem overwhelming, but when upheld, it can make your SDLC wishes and SecOps dreams come true.