4 min
News
State-Sponsored Threat Actors Target Security Researchers
On Monday, Google’s Threat Analysis Group published a blog on a widespread social engineering campaign that targeted security researchers working on vulnerability research and development.
3 min
Metasploit
Metasploit Wrap-Up: 1/22/21
A new Microsoft Windows Spooler privesc module, along with some fixes and improvements!
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of NTP
In the latest installment of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of NTP.
4 min
Public Policy
Principles for personal information security legislation
Rapid7's principles for laws to protect personal information: 1) Strong but flexible security requirements; 2) Security exemptions from privacy restrictions; 3) State preemption without undermining cybersecurity.
3 min
AWS
You Can Now Buy (And Renew) Five More Rapid7 Products Through AWS Marketplace
Learn more about our set of listings and how Marketplace might be able to help you find budget for that shiny new Rapid7 solution you’ve had your eye on.
6 min
InsightIDR
InsightIDR: 2020 Highlights and What’s Ahead in 2021
As we kick off the New Year, we wanted to highlight some key InsightIDR product investments and take a look ahead at detection and response in 2021.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 1/15/21
Commemorating the 2020 December Metasploit community CTF
A new commemorative banner has been added to the Metasploit console to celebrate
the teams that participated in the 2020 December Metasploit community CTF
and achieved 100 or more points:
If you missed out on participating in this most recent event, be sure to follow
the Metasploit Twitter and Metasploit blog
posts
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of DNS-over-TLS
In this edition of our NICER Protocol Deep Dive blog series, we'll take a closer look at the internet exposure of DNS-over-TLS.
7 min
Vulnerability Management
Patch Tuesday - January 2021
We arrive at the first Patch Tuesday of 2021 (2021-Jan
) with 83
vulnerabilities across our standard spread of products. Windows Operating
System vulnerabilities dominated this month's advisories, followed by Microsoft
Office (which includes the SharePoint family of products), and lastly some from
less frequent products such as Microsoft System Center and Microsoft SQL Server.
Vulnerability Breakdown by Software Family
FamilyVulnera
5 min
News
Update on SolarWinds Supply-Chain Attack: SUNSPOT, SUNSHUTTLE and New Malware Family Associations
New research has been published that expands the security community’s understanding of the breadth and depth of the SolarWinds attack.
3 min
Metasploit
Metasploit Wrap-Up: 1/8/21
Eight new Metasploit modules for various targets (and outcomes!), with a good set of improvements and fixes!
4 min
InsightAppSec
What’s New in InsightAppSec and tCell: Q4 2020 in Review
In this blog, we'll recap some of the new and exciting features we have released as a part of our application security portfolio.
4 min
Detection and Response
Mobile Device Security Management
Remote workforces and mobile device management (MDM) are more important than ever in 2020’s pandemic reality.
6 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of DNS
In this edition of our NICER Protocol Deep Dive blog series, we discuss the internet exposure of DNS.
4 min
Application Security
Shifting Security Right: How Cloud-Based SecOps Can Speed Processes While Maintaining Integrity
Let’s take a look at some key insights on current industry efforts to more closely integrate DevOps and SecOps—and how you can plot your best path forward.