4 min
Russia-Ukraine Conflict
The Digital Citizen’s Guide to Navigating Cyber Conflict
In this post, we provide advice for non-security-pro digital citizens to protect themselves and, by extension, help protect their organizations.
5 min
Ransomware
4 Fallacies That Keep SMBs Vulnerable to Ransomware, Pt. 1
In this two-part blog series, we will present four common mistakes SMBs make when thinking about ransomware risk.
8 min
Career Development
Reflecting on Women’s History Month at Rapid7
During Women’s History Month, we invited some of our team members to share their best advice for other women in technology.
3 min
Detection and Response
SIEM and XDR: What’s Converging, What’s Not
XDR aims to solve the challenges of the SIEM tool for effective detection and response to targeted attacks.
2 min
Cloud Security
Rapid7 Recognized as Top Ranked in Forrester Wave™ for Cloud Workload Security
We’re excited to share that Rapid7 has been recognized as a Strong Performer in the Forrester Wave™: Cloud Workload Security, Q1 2022.
5 min
Russia-Ukraine Conflict
8 Tips for Securing Networks When Time Is Scarce
In light of increased cyber risk surrounding the Russia-Ukraine conflict, we’ve put together 8 tips that defenders can take right now to prepare.
4 min
Research
Cloud Pentesting, Pt. 1: Breaking Down the Basics
More and more customers are looking to get a pentest done in their cloud deployment. What does that mean?
3 min
Metasploit
Metasploit Weekly Wrap-Up: Mar. 18, 2022
CVE-2022-21999 - SpoolFool
Our very own Shelby Pace has added a new module for the CVE-2022-21999 SpoolFool privilege escalation vulnerability. This escalation vulnerability can be leveraged to achieve code execution as SYSTEM. This new module has successfully been tested on Windows 10 (10.0 Build 19044) and Windows Server 2019 v1809 (Build 17763.1577).
CVE-2021-4191 - Gitlab GraphQL API User E
2 min
InsightIDR
3 Ways to Leverage the MITRE ATT&CK Framework
The MITRE ATT&CK framework strengthens experiences within InsightIDR by providing context, evidence, and recommendations all in one place.
4 min
Vulnerability Management
The VM Lifecycle: How We Got Here, and Where We’re Going
In this post, we explore the concept of a vulnerability management lifecycle, providing practical guidance and definitions.
2 min
Threat Intel
Cybercriminals’ Recruiting Effort Highlights Need for Proper User Access Controls
The Lapsus$ ransomware gang’s modus operandi seems to be evolving.
6 min
Vulnerability Management
InsightVM Scanning: Demystifying SSH Credential Elevation
In this post, we look at the different ways SSH credentials can be elevated for scanning in InsightVM.
3 min
Supply Chain Security
An Inside Look at CISA’s Supply Chain Task Force
In this guest post, Rapid7 customer Chad Kliewer writes about his experience on CISA's new task force created to enhance supply chain resilience.
5 min
Metasploit
Metasploit Weekly Wrap-Up: Mar. 11, 2022
Mucking out the pipes.
Thanks to some quick work by timwr, CVE-2022-0847 aka "Dirty Pipe" gives Metasploit a bit of digital plumber's training. The exploit targeting modern Linux v5 kernels helps elevate user privileges by overwriting a SUID binary of your choice by plunging some payload gold through a pipe.
Long live the SMB relay!
SMB, that magical ubiquitous service making all that noise on netw
11 min
Detection and Response
Run Faster Log Searches With InsightIDR
Let’s explore how to make the best use of InsightIDR’s Log Search capabilities to get the correct data returned to you as fast as possible.