9 min
Vulnerability Disclosure
Vulntober: Multiple Mobile Browser Address Bar Spoofing Vulnerabilities
Today, we're announcing a coordinated vulnerability disclosure on a set of address bar spoofing vulnerabilities that affect a number of mobile browsers.
5 min
Windows
Are You Still Running End-of-Life Windows Servers?
Windows Server 2008 and 2008 R2 reached their end of life (EOL) on Jan. 14, 2020, but what does that mean in practice?
4 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of IMAP and POP
In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of IMAP and POP.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 10/16/20
Hacktoberfest 2020 and wisdom from around the Metasploit water cooler. Keep an eye out for more info on the next Metasploit community CTF (coming soon).
1 min
InsightVM
Fewer False Alarms, Faster Reporting: InsightVM Introduces New One-Click Fix For False Positives
Let’s talk false positives. They’re frustrating and faulty to anyone in security. The good news? We’ve added even more ways to reduce the noise they cause.
3 min
InsightIDR
Introducing Enhanced Endpoint Telemetry (EET) in InsightIDR
Rapid7 is excited to announce Enhanced Endpoint Telemetry (EET) in our SIEM, InsightIDR.
2 min
Cloud Security
Heartland Dental’s Ambitions Land Them in the Cloud
We sat down with Heartland Dental to talk about why they chose Rapid7, how quickly they’re expanding, and why it’s time to shift services to the cloud.
3 min
Vulnerability Management
There Goes The Neighborhood: Dealing With CVE-2020-16898 (and CVE-2020-1656) (aka"Bad Neighbor")
Microsoft released a patch for BSoD + RCE CVE-2020-16898 ("Bad Neighbor") in the October 2020 Patch Tuesday vulnerability disclosures along with Juniper releasing CVE-2020-1656 the same week.
5 min
Detection and Response
2021 Detection and Response Planning, Part 2: Driving SOC Efficiency With a Detections-First Approach to SIEM
In this installment of our security planning series, we’ll explore the importance of reliable detections to drive an efficient security program forward.
4 min
InsightIDR
What’s New in InsightIDR: Q3 2020 in Review
This post offers a closer look at some of the recent updates and releases in InsightIDR from Q3 2020.
2 min
Metasploit
Metasploit Wrap-Up: 10/9/20
Enhancements, bug fixes, and a new SAP IGS module!
3 min
Research
PSA: Increase in RDP Attacks Means It's Time to Mind Your RDPs and Qs
Our research team looks into the increase in RDP attacks against RDP servers without multi-factor authentication enabled and helps organizations strengthen their infrastructure against these attacks.
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of VNC
In this installment of our NICER Protocol Deep Dive blog series, we cover the internet exposure of VNC.
4 min
InsightVM
How InsightVM Helps You Save Time and Prove Value
In this post, we’ll cover how InsightVM helps teams tackle operational challenges, maximize resources, and prove the value and ROI of their efforts.
2 min
This One Time on a Pen Test
This One Time on a Pen Test: Doing Well With XML
In the latest edition of "This One Time on a Pen Test," we discuss a classic web application engagement involving XML.