6 min
InsightIDR
What's New in InsightIDR: Q4 2021 in Review
This post offers a closer look at some of the recent releases in InsightIDR, our extended detection and response (XDR) solution, from Q4 2021.
4 min
Hacky Holidays 2021
2022 Cybersecurity Predictions: The Experts Clear Off the Crystal Ball
In keeping with our yearly tradition, we sat down with some experts at Rapid7 and across the industry to get their 2022 cybersecurity predictions.
2 min
Hacky Holidays 2021
Rapid7 2021 Wrap-Up: Highlights From a Year of Empowering the Protectors
We worked harder than ever in 2021 to help protectors keep their organization's infrastructure secure. Here's a rundown of some of the biggest moments.
6 min
Hacky Holidays 2021
Metasploit 2021 Annual Wrap-Up
Like years past, 2021 brought some surprises and had its shared of celebrity vulnerabilities. Here's are the Metasploit highlights from last year.
6 min
Hacky Holidays 2021
5 Security Projects That Are Giving Back
From white-hat hackers to those volunteering their time to make the internet a safer, more inclusive space, we've highlighted a few security-related projects that exemplify the spirit of giving back.
4 min
MITRE ATT&CK
Sharing the Gifts of Cybersecurity – Or, a Lesson From My First Year Without Santa
You know who some of the best Santas on Earth are? The cybersecurity community.
3 min
Application Security
Test for Log4Shell With InsightAppSec Using New Functionality
In this blog, we share how Rapid7 customers can test for Log4Shell with InsightAppSec.
3 min
Metasploit
Metasploit Wrap-Up: Dec. 17, 2021
A new Log4Shell / Log4j scanner module for Metasploit, a new WordPress module, and multiple enhancements and bug fixes
14 min
Log4Shell
The Everyperson’s Guide to Log4Shell (CVE-2021-44228)
This blog is for everyone who wants to understand what’s going on with the Log4Shell vulnerability in Log4j and why the internet seems to be on fire again.
3 min
Application Security
How to Protect Your Applications Against Log4Shell With tCell
Let’s walk through the various ways tCell can help our customers protect against Log4Shell attacks.
7 min
Vulnerability Management
Patch Tuesday - December 2021
This month’s Patch Tuesday comes in the middle of a global effort to mitigate Apache Log4j CVE-2021-44228.
3 min
Threat Intel
Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations
The Rapid7 Threat Intelligence team is tracking the attacker's-eye view on Log4Shell and the related chatter on the clear, deep, and dark web.
8 min
InsightVM
Using InsightVM to Find Apache Log4j CVE-2021-44228
How to use InsightVM or Nexpose to detect exposure to Log4Shell CVE-2021-44228 in your environment, plus additional detail about how our various vulnerability checks work under the hood.
3 min
Emergent Threat Response
Update on Log4Shell’s Impact on Rapid7 Solutions and Systems
Like the rest of the security community, we have been internally responding to the critical remote code execution vulnerability in Apache’s log4j Java library (a.k.a. Log4Shell).
7 min
Risk Management
Driver-Based Attacks: Past and Present
In our analysis of CVE-2021-21551, a write-what-where vulnerability in a Dell driver, we found that Dell’s update didn’t fix the write-what-where condition but only limited access to administrative users.