3 min
Risk Management
Meet AttackerKB
Meet AttackerKB: a new community-driven resource that highlights diverse perspectives on which vulnerabilities make the most appealing targets for attackers.
2 min
Vulnerability Management
Patch Tuesday - April 2020
Global working-from-home routines haven't slowed down Microsoft and its ability
to help close up vulnerabilities in their products. This April Patch Tuesday
(WFH-edition), Microsoft has knocked 113 vulnerabilities out of the park. It's
not the highest we've seen, but it is still an impressive spread of fixes coming
in this month with a fair number resolving SharePoint and Office vulnerabilities
along with the
3 min
Remote Working
Remote Work Readiness: How to Keep a Security Mindset
Here are some of the best practices to help your company’s staff work from home with minimal risk.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 4/10/20
Meterpreter bug fixes and five new modules, including an LPE exploit for SMBghost (CVE-2020-0796) and a BloodHound post module that gathers information (sessions, local admin, domain trusts, etc.) and stores it as a BloodHound-consumable ZIP file in Framework loot.
2 min
COVID-19
Self-Isolation, Home Networking, and Open Source: Recog and Rumble
In this blog, we discuss an open source project we run here at Rapid7: Recog and its free network fingerprinting database.
7 min
CIS Controls
8 Steps to Successfully Implement the CIS Top 20 Controls in Your Organization
Eight practical steps to help you implement key controls into your organization. Get started now!
7 min
Microsoft
Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)
As of March 24, there were over 350,000 Microsoft Exchange servers exposing a version of the software with a vulnerability.
6 min
Vulnerability Management
4 Common Goals For Vulnerability Risk Management Programs
This post will give you a glimpse into the research to pinpoint under-served and unmet customer needs in the vulnerability risk management space.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 4/3/2020
This week's release includes a local privilege escalation exploit for VMware Fusion through 11.5.3 on OS X, as well as RCE on Apache Solr and DNN cookie deserialization.
3 min
SIEM
Analyze Security Data Faster with Visual Search in InsightIDR
Learn how InsightIDR, Rapid7’s SIEM tool, uses visualization to provide powerful security data analysis.
17 min
Vulnerability Disclosure
Dispelling Zoom Bugbears: What You Need to Know About the Latest Zoom Vulnerabilities
In this blog, we break down what you need to know about the recent Zoom security issues and its vulnerability remediation process.
3 min
SIEM
SOC Automation: Threat Detection and Response with SIEM and SOAR
We believe that the best solution to industry-wide struggles with threat detection and response is to increase efficiency using SIEM and SOAR together.
5 min
Vulnerability Management
Reduce False Positive Vulnerabilities by Up To 22%
Today, we discuss how to measurably reduce false positive vulnerabilities so you can reallocate your team's time and resources.
3 min
Podcast
A Chat with Jonathan Cran About Intrigue and Security in the COVID-19 Pandemic
In a recent episode of Rapid7’s podcast, Security Nation, we talked with Jonathan Cran, Head of Research at Kenna Security.
5 min
Remote Working
Working from Home? Wi-Fi Security and Tips and Tricks
I jotted down some Wi-Fi security and management tips for my friends and colleagues who might not have paid much attention to their home networking.