2 min
InsightCloudSec
Introducing InsightCloudSec
Rapid7 is proud to announce our next step in helping to drive cloud security forward: InsightCloudSec.
8 min
Vulnerability Disclosure
CVE-2020-7387..7390: Multiple Sage X3 Vulnerabilities
Four vulnerabilities involving Sage X3 were identified by Rapid7 researchers.
10 min
Detection and Response
Introducing the Manual Regex Editor in IDR’s Parsing Tool: Part 1
New to writing regular expressions? No problem. In this two-part blog series, we’ll cover the basics of regular expressions and how to write regular expression statements (regex) to extract fields from your logs while using the custom parsing tool.
3 min
Gartner
Rapid7 Named a Leader, 2021 Gartner Magic Quadrant for SIEM
This is the second consecutive time our SaaS SIEM—InsightIDR—has been named a Leader in this report.
2 min
Detection and Response
Automated remediation level 4: Actual automation
After the previous 3 steps—where we discussed everything from logging to best practices to account hygiene—it’s time to talk about the actions that really let you calibrate and control the kind of remediation you’re looking to get out of the process.
2 min
Metasploit
Metasploit Wrap-Up: 7/2/21
Containers that fail to Contain
Our own Christophe De La Fuente added a module for CVE-2019-5736 based on the
work of Adam Iwaniuk that breaks out of a Docker container by overwriting the
runc binary of an image which is run in the user context whenever someone
outside the container runs docker exec to make a request of the container.
Execute an Image Please, WordPress
Community contributor Alexandre Zanni sent us a PR that uses native PHP
functions to upload a file as an image attachment to Wo
8 min
Emergent Threat Response
CVE-2021-34527 PrintNightmare: What You Need to Know
Vulnerability note: This blog originally referenced CVE-2021-1675, but members
of the community noted the week of June 29 that the publicly available exploits
that purported to exploit CVE-2021-1675 may in fact have been targeting a new
vulnerability in the same function as CVE-2021-1675. This was later confirmed,
and Microsoft issued a new CVE for what the research community originally
thought was CVE-2021-1675. Defenders should now follow guidance and remediation
information on the new vulnera
2 min
Emergent Threat Response
ForgeRock Access Manager/OpenAM Pre-Auth Remote Code Execution Vulnerability (CVE-2021-35464): What You Need To Know
On June 29, 2021, researcher Michael Stepankin (@artsploit) posted details of a pre-auth remote code execution (RCE) vulnerability, CVE-2021-35464, in ForgeRock Access Manager identity and access management software that front-ends web applications and remote access solutions in many enterprises.
2 min
Threat Intel
Yes, Fraudsters Can Bypass the Strong Customer Authentication (SCA) Requirement
Any new security regulation attracts the attention of fraudsters and cybercriminals. It’s safe to assume they're able to bypass SCA.
5 min
#Rapid7Life Belfast: Why I Joined
Interested in learning why these individuals chose to make a job change during these uncertain times and how Rapid7 made the decision a no-brainer? Read on to find out from a few of our Belfast-based Software Engineers!
2 min
Detection and Response
Automated remediation level 3: Governance and hygiene
The best way to mold a solution that makes sense for your company and cloud security is by adding actions that cause the fewest deviations in your day-to-day operations.
5 min
Application Security
3 Takeaways From The 2021 VDBIR: It’s An Appandemic
According to this year's report, small companies have pulled closer to their larger counterparts when bearing the brunt of web-application breaches and are losing ground in the time it takes to discover those breaches.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: Jun. 25, 2021
Three fresh modules for Cisco targets and rConfig, plus new enhancements and fixes.
3 min
Security Strategy
Kill Chains: Part 3→What’s next
As the final entry in this blog series, we want to quickly recap what we have previously discussed and also look into the possible future of kill chains.
3 min
Threat Intel
The CISO as an Ethical Leader: Building Accountability Into Cybersecurity
It’s important that cybersecurity leaders reinforce ethical practices in guarding against data loss.