6 min
InsightVM
Passwordless Network Scanning: Same Insights, Less Risk
The Scan Assistant is a lightweight service within InsightVM Network Scan Engine that can scan against targets without the need to provide credentials
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 10/15/21
Four new Moodle modules, plus new features to help red teamers keep track of sessions and forwarded connections.
5 min
Threat Intel
4 Simple Steps for an Effective Threat Intelligence Program
By following these simple steps, you can implement an effective threat intelligence program that's built for the modern cybersecurity environment.
5 min
Cloud Security
Turn On, Tune In, Drop the Noise: Achieve Better Cloud Security by Reducing Noise
For security professionals, it's easy to get lost in the noise. And when it comes to cloud security, tuning into the signal is essential.
7 min
Vulnerability Management
Patch Tuesday - October 2021
Today’s Patch Tuesday sees Microsoft issuing fixes
for over 70 CVEs,
affecting the usual mix of their product lines. From Windows, Edge, and Office,
to Exchange, SharePoint, and Dynamics, there is plenty of patching to do for
workstation and server administrators alike.
One vulnerability has already been seen exploited in the wild: CVE-2021-40449
is
an elev
4 min
Application Security
This Was the Summer of AppSec: All the Improvements We Made in Q3
But before we fall into another season, we wanted to look back on all of the improvements we've made to InsightAppSec and tCell over the last 3 months.
4 min
Kubernetes Security
Have You Checked the New Kubernetes RBAC Swiss Army Knife?
InsightCloudSec’s RBAC tool is an all-in-one open-source tool for analyzing Kubernetes RBAC policies and simplifying Kubernetes RBAC.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 10/8/21
New modules for vCenter Server and Linux Netfilter, plus fixes and enhancements.
1 min
Detection and Response
Velociraptor to Announce Winners of Its 2021 Contributor Competition
Velociraptor and Rapid7 are excited to announce the winners of our 2021 Velociraptor Contributor Competition on Friday, October 8.
3 min
Emergent Threat Response
Apache HTTP Server CVE-2021-41773 Exploited in the Wild
On Monday, October 4, 2021, Apache published an advisory on an unauthenticated remote file disclosure vulnerability in the HTTP Server version 2.4.29.
6 min
Research
For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy
When it comes to the state of patching for recent Exchange Server vulnerabilities, the picture is more incomplete than you'd think.
4 min
Detection and Response
What's New in InsightIDR: Q3 2021 in Review
This post offers a closer look at some of the recent updates and releases in InsightIDR, our extended detection and response solution, from Q3 2021.
1 min
Lost Bots
[The Lost Bots] Episode 6: D&R + VM = WINNING!
In this episode, Practice Advisor Devin Krugly joins to discuss how Detection and Response + Vulnerability Management = a winning combination.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 10/1/21
More post modules than we've ever put out in a single release before, courtesy of a university project to add credential gathering capabilities based on the PackRat toolset.
3 min
Cybersecurity
National Cybersecurity Awareness Month: How Security Pros Can Get Involved
To kick off National Cybersecurity Awareness Month 2021, we're providing some ideas for how security pros can spread knowledge around this year's themes.