Emergent Threat Response
Active Exploitation of F5 BIG-IP iControl REST CVE-2022-1388
On May 4, 2022, F5 released an advisory on CVE-2022-1388, a critical authentication bypass that leads to remote code execution in iControl REST.
Cloud Security
[Infographic] Cloud Misconfigurations: Don't Become a Breach Statistic
Our latest infographic highlights some key commonalities uncovered in our 2022 Cloud Misconfigurations Report.
Metasploit
Metasploit Wrap-Up: May 6, 2022
Three new exploit modules, and an update for Windows 11 support
XDR
Rapid7’s first comic: XDR vs. Exploito
Learn about the adventures of our CISO hero Adira Adama in Rapid7's first comic, XDR vs. Exploito.
Application Security
XSS in JSON: Old-School Attacks for Modern Applications
This post highlights how cross-site scripting has adapted to today’s modern web applications, specifically the API and JavaScript Object Notation (JSON).
Cloud Security
Is Your Kubernetes Cluster Ready for Version 1.24?
Kubernetes rolled out Version 1.24 on May 3, 2022. This version is packed with notable improvements, so we're covering some of the significant items.
Managed Detection and Response (MDR)
MDR, MEDR, SOCaaS: Which Is Right for You?
Let’s take a closer look at these three types of detection and response managed services to help you decide the best fit for your organization.
Cloud Security
Cloud-Native Application Protection (CNAPP): What's Behind the Hype?
Is CNAPP a one-in-all answer to building secure apps in a cloud-first ecosystem, or is it part of a larger story? This post takes a closer look.
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 4/29/22
Module additions this week to enumerate all installed AV products on Windows and escape sandboxes on certain Debian-specific Redis versions. Plus, a new place for Metasploit docs focused on pen testing workflows.
Emergent Threat Response
Widespread Exploitation of VMware Workspace ONE Access CVE-2022-22954
On April 6, 2022, VMware detailed CVE-2022-22954, a critical RCE vulnerability affecting VMware Workspace ONE Access and Identity Manager.
Vulnerability Management
How to Strategically Scale Vendor Management and Supply Chain Security
Here are simple changes that can help you provide more impactful supply chain security guidance and controls to decrease risk.
Detection and Response
Velociraptor Version 0.6.4: Dead Disk Forensics and Better Path Handling Let You Dig Deeper
Rapid7 is pleased to announce the release of Velociraptor version 0.6.4 – an advanced, open-source digital forensics and incident response (DFIR) tool.
Emergent Threat Response
Opportunistic Exploitation of WSO2 CVE-2022-29464
On April 18, 2022, MITRE published CVE-2022-29464, an unrestricted file upload vulnerability affecting various WSO2 products.
Metasploit
Metasploit Weekly Wrap-Up: 4/22/22
ManageEngine ADSelfService Plus Authenticated RCE
This module is pretty exciting for us because it's for a vulnerability discovered by our very own Rapid7 researchers Jake Baines, Hernan Diaz, Andrew Iwamaye, and Dan Kelly. The vulnerability allowed for attackers to leverage the "custom script" functionality to execute arbitrary operating system commands whenever domain users reset their passwords. I won't go into too much depth though because we have a whole blog
Application Security
Rapid7 Named a Visionary in 2022 Magic Quadrant™ for Application Security Testing Second Year in a Row
For the second year in a row, Rapid7 has been named a Visionary in the Gartner® 2022 Magic Quadrant for Application Security Testing.