11 min
Security Operations (SOC)
Talkin’ SMAC: Alert Labeling and Why It Matters
This blog post will demonstrate some common pitfalls of alert labeling, and offers a new framework for SOCs to use.
4 min
InsightVM
New InsightVM Dashboard Helps You Discover Significant Changes in Your Environment from the Past 30 Days
Organizations are in a constant struggle to identify and reduce risks in their constantly changing environments
4 min
Vulnerability Disclosure
CVE-2021-22652: Advantech iView Missing Authentication RCE (FIXED)
Advantech iView versions prior to 5.7.03.6112 suffer from an instance of "CWE-306: Missing Authentication For Critical Function."
3 min
SOAR
SOAR Tools: What to Look for When Investing in Security Automation Tech
In this blog, we break down what you should look for when investing in security automation tech.
7 min
Vulnerability Management
Patch Tuesday - February 2021
The second Patch Tuesday of 2021 is relatively light on the vulnerability count,
with 64 CVEs being addressed across the majority of Microsoft’s product
families. Despite that, there’s still plenty to discuss this month.
Vulnerability Breakdown by Software Family
FamilyVulnerability CountWindows28ESU14Microsoft Office11Browser9Developer Tools
8Microsoft Dynamics2Exchange Server2Azure2System Center2Exploited and Publicly
Disclosed Vulnerabilities
One zero-day was announced: CVE-2021-1732
2 min
Metasploit
Metasploit Wrap-Up: Feb. 5, 2021
This week's edition: Baron Samedit 'sudo' exploit module, OneDrive sync enumeration, and WP credential gathering via Abandoned Cart plugin.
2 min
News
Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products
Cisco has released security updates to address vulnerabilities in most of their product portfolio.
3 min
Emergent Threat Response
SonicWall SNWLID-2021-0001 Zero-Day and SolarWinds’ 2021 CVE Trifecta: What You Need to Know
2021 continues to deliver with an unpatched zero-day exposure in some SonicWall appliances and three moderate-to-critical CVEs in SolarWinds software.
2 min
Vulnerability Management
Vulnerability Scanning With the Metasploit Remote Check Service (Beta Release)
InsightVM and Nexpose customers can now harness the power of the Metasploit community to assess their exposure to the latest threats.
3 min
Security Strategy
Addressing the OT-IT Risk and Asset Inventory Gap
Cyber-espionage and exploitation from nation-state-sanctioned actors have only become more prevalent in recent years.
2 min
Rapid7 Perspective
Rapid7 Acquires Leading Kubernetes Security Provider, Alcide
We at Rapid7 are happy to announce that we have acquired Alcide, a leader in Kubernetes security based in Tel Aviv, Israel.
3 min
Metasploit
Metasploit Wrap-Up: 1/29/21
Five new modules, including RCEs, arbitrary file write, and a Windows Registry check if the DementiaWheel/fanny.bmp malware exists on a target.
8 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of HTTP and HTTPS
Read on to learn more about the internet exposure of HTTP and HTTPS from our 2020 NICER Report.
1 min
Vulnerability Management
Upcoming Rapid7 Webcast: How Far Does Your VRM Strategy Go?
Web applications have been growing in complexity over the past several years, while also becoming the preferred method for attackers looking to capitalize.
4 min
News
State-Sponsored Threat Actors Target Security Researchers
On Monday, Google’s Threat Analysis Group published a blog on a widespread social engineering campaign that targeted security researchers working on vulnerability research and development.