3 min
Vulnerability Management
How to Increase Your Security Team's Visibility Within Your Organization—And What Happens When You Do
In this post, we’ll discuss how you can increase visibility and communication across the organization to improve your team’s reputation and resources.
3 min
SOAR
Why SOAR Is an Essential Cybersecurity Tool for Financial Services Companies
With an efficient and productive cybersecurity process in mind, let’s take a look at how SOAR helped a financial organization protect its customers.
3 min
Detection and Response
5 Challenges Outsourced Detection and Response Operations Can Help Solve
In this blog, we discuss five challenges that managed detection and response (MDR) operations can help solve.
3 min
Metasploit
Metasploit Wrap-Up 5/1/20
Windows Meterpreter payload improvements
Community contributor OJ has made improvements to
Windows Meterpreter payloads, specifically reducing complexity around extension
building and loading. This change comes with the benefit of removing some
fingerprint artifacts, as well as reducing the payload size as a side effect.
Note that Windows Meterpreter sessions that are open prior to this bump will not
be able to load new extensions after the bump if they connect with a new
in
2 min
Application Security
Gartner® Recognizes Rapid7
Vulnerability Management for Application Security Capabilities
Recently, Rapid7 was the only full stack vulnerability risk management vendor to be recognized for Application Security Testing by an industry-leading third-party research firm.
1 min
Cloud Security
Rapid7 Announces Intent to Acquire DivvyCloud
We are thrilled to announce that today we have entered into a definitive agreement to acquire DivvyCloud.
5 min
Research
CVE-2020-12271: Sophos XG Firewall Pre-Auth SQL Injection Vulnerability Remediation Guidance and Exposure Overview
On April 22, Sophos received a report documenting a suspicious field value visible in the management interface of an XG Firewall.
3 min
COVID-19
The Healthcare Security Pro's Guide to Ransomware Attacks
In this blog, we discuss the best practices to defend against ransomware attacks in the healthcare industry.
3 min
Metasploit
Metasploit Wrap-Up 4/24/20
Security fix for the libnotify plugin (CVE-2020-7350)
If you use the libnotify plugin to keep track of when file imports complete, the
interaction between it and db_import allows a maliciously crafted XML file
to execute arbitrary
commands on your system. In proper Metasploit fashion, pastaoficial
PR'd a file format exploit to go along with
the fix, and our own smcintyre-r7
6 min
COVID-19
Stuck Inside? Top Books We Recommend Security Pros Read During Quarantine
Whether you’re looking to brush up on your security skills or curl up with a page-turner, here are our top book picks to quell your quarantine boredom.
3 min
InsightIDR
How InsightIDR Is Accelerating Detection and Response in Modern Environments
According to The Total Economic Impact™ Of Rapid7 InsightIDR, customers experience increased visibility, decreased incident response time, and significant cost savings after switching to InsightIDR from their previous SIEM.
5 min
Confessions of a Former CISO: Promoting Individual Contributors into Leadership Roles
We are excited to announce the release of “Confessions of a Former CISO,” a video series that highlights some of the mistakes, challenges, and successes in the InfoSec industry.
2 min
COVID-19
Resources on the Main Street Lending Program to Support Small and Mid-Sized Businesses
The recent stimulus legislation - the “CARES Act” - allocated up to $600 billion for a new Main Street Lending Program to provide relief to small and mid-sized businesses impacted by the COVID-19 pandemic. Here are some resources on the program.
2 min
Metasploit
Metasploit Wrap-Up: Apr. 17, 2020
Nexus Repository Manager RCE
This week our very own Will Vu wrote a module for
CVE-2020-10199 which targets a remote code execution vulnerability within the
Nexus Repository Manager. The vulnerability allows Java Expression Language
(JavaEL) code to be executed. While the flaw requires authentication information
to leverage it, any account is sufficient. This would allow any registered user
to compromise the target server.
Unquoted Service Path LPE
Community contribu
6 min
Managed Detection and Response (MDR)
Uncooking Eggs: Manual Dridex Dropper Malicious Document Deobfuscation Methods
Learn how to analyze an obfuscated malicious document with a focus on basic static analysis.