3 min
IT Ops
Widely-used Android App Leaks MS Exchange Credentials
In October, Rapid7 researchers uncovered a significant vulnerability in the Nine
mobile application for Android. Baldly stated, this app leaks Microsoft Exchange
user credentials, plus mail envelopes and attachments, mailbox synchronization
data, calendar entries and tasks to attac
2 min
Events
Rapid7 Rapid Fire at UNITED Summit: A Spirited Debate
Rapid Fire returned for the third time to the UNITED Security Summit and once
again brought together the infosec community to join the spirited debates. With
great questions and participation from the audience, the Rapid7 team would like
to first thank everyone who attended this evening – from our customers and
UNITED attendees, to the Boston infosec community.
Our panel this year featured:
* Josh Corman @joshcorman (Founder, I am The
Cavalry)
* David Kenn
2 min
IoT
Research Lead (IoT)
It has been an amazing journey serving as the Research Lead for the Internet of
Things (IoT) at Rapid7 for the past 10 months. I came into the role with more than a
decade of experience as a security penetration tester and nearly 15 years of
experience conducting security research across such areas as protocol-based
attacks, embedded device exploitation, and web vulnerabilities, so taking on the
role as Research Lead for IoT was the next obvious progression for me. Being
able to focus on IoT specif
2 min
IoT
[Free Tool] IoTSeeker: Find IoT Devices, Check for Default Passwords
So there's this Thing...
We need to talk about Things, you and I. Specifically those connected Things.
This isn't a weird breakup discussion regarding a relationship you didn't know
we had (I hear that's called stalking actually, and is an altogether different
type of problem). There may be Things on your network that are harbouring a
security issue, and that's not a good place to be either. We can help you track
them down (which does bear a slight resemblance to stalking, granted, but we're
se
3 min
Nexpose
Nexpose and DXL Integration: Now We're Talking
Staying Ahead of New Vulnerabilities
The security threat landscape is constantly shifting and there are a multitude
of solutions for managing threats. An unfortunate effect of having a large
toolbox is that the more tools and vendors you have in it, the more
complex your management task becomes. When one facet of your security
infrastructure becomes aware of risks, how can you most effectively utilize your
full security ecosystem to combat them? With Nexpose's Adaptive Security,
integratio
3 min
Nexpose
Publishing Nexpose Asset Risk Scores to ePO
Security professionals today face great challenges protecting their assets from
breaches by hackers and malware. A good vulnerability management solution could
help mitigate these challenges, but vulnerability management solutions often
produce huge volumes of data from scanning and require lots of time spent in
differentiating between information and noise.
Rapid7 Nexpose helps professionals
4 min
Research
NCSAM: The Danger of Criminalizing Curiosity
This is a guest post from Kurt Opsahl, Deputy Executive Director and General
Counsel of the Electronic Frontier Foundation.
October is National Cyber Security Awareness month and Rapid7 is taking this
time to celebrate security research. This year, NCSAM coincides with new legal
protections for security research under the DMCA and the 30th anniversary of the
2 min
Nexpose
Nexpose integrates with McAfee ePO and DXL: The first unified vulnerability management solution for Intel Security customers!
We wanted to give you a preview into Nexpose's new integration with both McAfee
ePolicy Orchestrator (ePO) and McAfee Data Exchange Layer (DXL); this is the
next stage of our partnership with Intel as their chosen vendor for
vulnerability management. This partnership is also a first for both Rapid7 and
Intel, as Nexpose is the only vulnerability management solution to not only
push our unique risk scoring into ePO for analysis, but al
11 min
Vulnerability Disclosure
Multiple Bluetooth Low Energy (BLE) Tracker Vulnerabilities
Executive Summary
While examining the functionality of three vendors' device tracker products, a
number of issues surfaced that leak personally identifying geolocation data to
unauthorized third parties. Attackers can leverage these vulnerabilities to
locate individual users' devices, and in some cases, alter geolocation data for
those devices. The table below briefly summarizes the twelve vulnerabilities
identified across three products.
Vulnerability | Device | R7 ID | CVE
Cleartext Password | TrackR Brav
4 min
IoT
Mirai FAQ: When IoT Attacks
Update: Following the attack on Dyn back in October, there is some speculation
over whether a similar Mirai-style attack could be leveraged to influence the
election. This feels like FUD to me; there doesn't seem to be a mechanism to
knock out one critical service to kick over enough state and county election
websites, Dyn-style, to make such an attack practical. It could potentially be
feasible if it turns out that a lot of city, county, and state websites are
sharing one unique upstream resour
6 min
User Behavior Analytics
User Behavior Analytics and Privacy: It's All About Respect
When I speak with prospects and customers about incident detection and response
(IDR), I'm almost always discussing the technical pros and cons. Companies look
to Rapid7 to combine user behavior analytics (UBA) with endpoint detection and
log search to spot malicious behavior in their environment. It's an effective
approach: an analytics engine that triggers based on known attack
m
4 min
Security Strategy
Checks and Balances - Asset + Vulnerability Management
Creating a Positive Feedback Loop
Recently I've focused on some specific use cases for vulnerability analytics
within a security operations program. Today, we're taking a step back to
discuss tying vulnerability management back in to asset management to
create a positive feedback loop. This progressive, strategic method can
mitigate issues and oversights caused b
4 min
Cloud Infrastructure
Overcome Nephophobia - Don't be a Shadow IT Ostrich!
Every cloud…..
When I was much younger and we only had three TV channels, I used to know a lot
of Names of Things. Lack of necessity and general old age has meant I've now
long since forgotten most of them (but thanks to Google, my second brain, I can
generally “remember” them!). Dinosaurs, trees, wild flowers, and clouds were all
amongst the subject matters in which my five-year-old self was a bit of an
expert. I would point at the sky and wow
4 min
SIEM
Displace SIEM "Rules" Built for Machines with Custom Alerts Built For Humans
If you've ever been irritated with endpoint detection being a black box and SIEM
detection putting the entire onus on you, don't think you had unreasonable
expectations; we have all wondered
why solutions were only built at such extremes. As software has evolved and our
base expectations with it, a lot more people have started to wonder why it
requires so many hours of training just to make solutions do what they are
designed to do. Defining a
5 min
InsightIDR
New InsightIDR Detections Released
New detections have been introduced regularly since we first started developing
our Incident Detection and Response (IDR) solutions four years ago. In fact, as
of today, we have a collection of more than 50 of these running
across customer data. But what does that mean? And what are the very latest
detections to help your security program? Vendors have fancy names for what is
under the covers of their tools: “machine learning,”