2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 4/9/21
Spilling the (Gi)tea We have two modules coming in from cdelafuente-r7 targeting CVE-2020-14144 for both the Gitea and Gogs self-hosted Git services. Both modules are similar: they take advantage of a user's ability to create Git hooks by authenticating with the web interface, creating a dummy repos
4 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 5: Multiple Threat Detection Methodologies, Including Deep Attacker Behavior Analysis
The best Managed Detection and Response (MDR) providers use a combination of threat intelligence, User Behavior Analytics (UBA), Attacker Behavior Analytics (ABA), and human threat hunts to provide detection for threats and attackers.
2 min
InsightIDR
What’s New in InsightIDR: Q1 2021 in Review
Back at the start of the year, we reflected on some of our 2020 InsightIDR product investments and took a look at what was ahead in 2021. As the first quarter of the year comes to a close, we wanted to offer a closer look at some of the recent updates and releases in InsightIDR.
5 min
Emergent Threat Response
Attackers Targeting Fortinet Devices and SAP Applications
CISA and the FBI published a joint alert to warn users that APT threat actors were likely exploiting unpatched Fortinet FortiOS devices to gain initial access to government, commercial, technology, and other organizations’ networks.
3 min
Kubernetes Security
Kubernetes Namespaces Are Not as Secure as You Think
A common misconception around namespaces is that they are truly separated. However, it is more likely to think of it as a police tape—you know it is there, but it is fairly easy to bypass it.
5 min
Cloud Security
Looking Back and Moving Forward With Rapid7’s Cloud Security Solution
The DivvyCloud by Rapid7 team has had a busy and productive start to 2021, and we anticipate that the rest of this year will be equally exciting for our valued customers.
2 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 4: Ingestion of Authentication Data Across Local, Domain, and Cloud Sources
There isn’t a single threat or breach that doesn’t involve attackers using legitimate credentials to cause harm.
2 min
Research
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Fortune 500
Today, Rapid7 just released the first in our all-new Industry Cyber-Exposure Report (ICER) series.
3 min
Application Security
What’s New in InsightAppSec and tCell: Q1 2021 in Review
Rapid7 will continue to support customers through every challenge, with new updates and avenues to help you get the most out of your application security program.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 4/2/21
Six new modules targeting F5, SaltStack, Exchange Server, and more, plus some significant performance improvements and fixes.
2 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 3: Ingestion of Other Technology Investments
By the time you’re ready to invest in a Managed Detection and Response (MDR) service, you’ve likely already invested in a number of different security tools aimed at preventing threats and detecting breaches. MDR is a continued investment in this technology, not always a pure replacement.
2 min
Emergent Threat Response
SolarWinds Patches Four New Vulnerabilities in Their Orion Platform
SolarWinds released fixes for 4 new vulnerabilities in their Orion platform, the most severe of which is an authenticated RCE flaw due to a JSON deserialization weakness.
3 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 2: Ingestion of Network Device Data
One area that can offer incredible benefits in a Managed Detection and Response provider is the ingestion of network device data.
5 min
Metasploit
Metasploit Wrap-Up: 3/26/21
New Exchange ProxyLogon modules, VMWare View Planner RCE, Advantech iView RCE, and more!
3 min
Cloud Security
DivvyCloud Adds Support for IAM Analyzer Policy Recommendations
Rapid7 built out support for the IAM Access Analyzer policy recommendations to DivvyCloud within 48 hours of AWS’s announcement.