3 min
Emergent Threat Response
Active Exploitation of Pulse Connect Secure Zero-Day (CVE-2021-22893)
On Tuesday, FireEye published detailed analysis of multiple threat campaigns targeting Ivanti’s Pulse Connect Secure VPN.
3 min
Cloud Security
The Future is Friction-Free: Drive Innovation With DevOps + SecOps
How can DevOps and IT teams work and innovate in a friction-reduced or—we can all dream—a friction-free way?
3 min
Open Source
Rapid7 and Velociraptor Join Forces
Rapid7 has acquired a digital forensics and incident response (DFIR) framework called Velociraptor.
6 min
Public Policy
Overview of the EU’s draft NIS 2 Directive
The EU Commission proposed revisions to its NIS Directive that would enhance cybersecurity requirements on critical infrastructure-like organizations in the EU. This post provides an overview of the proposed revisions.
4 min
Phishing
How to Turbocharge Your Phishing Response Plan
A quick reaction to a phishing threat can mean the difference between a massive breach and a fast fix.
3 min
Kubernetes Security
Rapid7 Announces Kubernetes Integration General Availability in InsightVM
Rapid7 is excited to announce the general availability of our Kubernetes integration in InsightVM, our vulnerability management tool.
3 min
Threat Intel
Insider-Assisted Attacks Prove Costly for Telecoms
Here are some instances in which telecom companies were breached with the help of an insider.
5 min
Metasploit
Metasploit Wrap-Up: Apr. 16, 2021
New modules for Nagios, Chrome, and Haserl targets, and also many improvements and fixes!
2 min
Emergent Threat Response
Codecov Discloses Supply Chain Compromise
On April 15, code coverage and testing company Codecov announced a supply chain compromise in which a malicious party gained access to their Bash Uploader script and modified it without authorization.
5 min
MDR Vendor Must-Haves, Part 7: Managed Response Actions
Security teams face unprecedented challenges as the threat landscape expands in scope and complexity. Protecting the organization in today’s environment has led to analyst fatigue, with many organizations struggling to respond to both user and host threats in a timely manner.
1 min
Research
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): FTSE 350
We are excited to release the second report in our Industry Cyber-Exposure Report (ICER) series, which digs into cyber-exposure among organizations in the U.K.’s FTSE 350.
2 min
Vulnerability Management
Rapid7 Announces General Availability for Scoped Executive Summary Report in InsightVM
InsightVM’s Executive Summary Report has proved to be a powerful tool, and we’re excited to announce that it just got better.
9 min
Patch Tuesday
Patch Tuesday - April 2021
Patch Tuesday is here again and there are more Exchange updates to apply! A total of 114 vulnerabilities were fixed this month with more than half of them affecting all versions of Windows, with about half of them being remote code execution bugs, and about a fifth of them being rated as critical by Microsoft. Let's dive in!
New Exchange Server Patches Available
If you were only going to patch one thing today, please let it be this. Exchange Server has been a hot topic since the vulnerabilities
3 min
Vulnerability Disclosure
CVE-2021-26908 and CVE-2021-26909: Automox Agent Information Disclosure (FIXED)
Rapid7 researcher Danny Jordan discovered two vulnerabilities in the Automox Agent for Windows and macOS.
2 min
Managed Detection and Response (MDR)
MDR Must-Haves, Part 6: Threat Validation and Detailed Reporting
Engaging a managed security service provider—either a traditional MSSP or MDR provider—should never involve wasting your time.