Rapid7 Cybersecurity Blog

6 min Vulnerability Management

Patch Tuesday - February 2022

February 2022's fixes from Microsoft are relatively light as far as Patch Tuesdays go.

4 min Threat Intel

The Big Target on Cyber Insurers' Backs

According to our research, cyber insurance providers are highly targeted in the insurance space. Find out why and what they can do to protect themselves.

3 min Cloud Security

Why Security in Kubernetes Isn't the Same as in Linux: Part 2

Security for Kubernetes might not be quite the same as what you're used to. This post covers the security concerns unique to Kubernetes.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: Feb. 4, 2022

A new NOP module, improvements to RPC functionality and PHP Meterpreter, and WordPress and Cisco RV exploits.

2 min Career Development

7 Rapid Questions With Our APAC Sales Manager, Soumi

For this installment of 7 Rapid Questions, we sat down with Soumi Mukherjee, APAC Sales Manager - ANZ North Sales.

6 min Detection and Response

Velociraptor Version 0.6.3: Dig Deeper With More Speed and Scalability

Velociraptor release 0.6.3 has been in the making for a few months now and has several exciting new features.

3 min Detection and Response

Demystifying XDR: Where SIEM and XDR Collide

Forrester analyst Allie Mellen shares her perspective on SIEM vs. XDR and how the two can coexist within today's SOC teams.

5 min Detection and Response

2021 Cybersecurity Superlatives: An InsightIDR Year in Review

We laughed, we cried, we added over 750 new detections.

3 min Metasploit

Metasploit Weekly Wrap-Up: Jan. 28, 2022

A new Log4Shell module for unauthenticated RCE on Ubiquiti UniFi devices, getsystem improvements, and more!

4 min Cloud Security

Why Security in Kubernetes Isn't the Same as in Linux: Part 1

Deploying your product on a Kubernetes cluster has a different security cost than on a traditional Linux server.

6 min Ransomware

How Ransomware Is Changing US Federal Policy

The increased stakes of the ransomware threat are pushing regulators to take a harder look at whether regulatory requirements for cybersecurity safeguards are effective.

3 min InsightIDR

The Great Resignation: 4 Ways Cybersecurity Can Win

Cybersecurity has had a talent shortage for years. Here are four ideas about how to prepare for it and win.

2 min Metasploit

Metasploit Weekly Wrap-Up: 1/21/22

while (j==shell); Log4j; The Log4j loop continues as we release a module targeting vulnerable vCenter releases. This is a good time to suggest that you check your vCenter releases and maybe even increase the protection surrounding them, as it’s been a rough year-plus for vCenter . Let your shell do the walking bcoles sent us a module that targets Grandstream GXV3175IP phones that allows remote code exec

3 min Ransomware

Is the Internet of Things the Next Ransomware Target?

What would it take for IoT to be the target of ransomware? This post takes a closer look.

3 min Research

Open-Source Security: Getting to the Root of the Problem

The past few weeks have shown us the importance and wide reach of open-source security.

All Posts