2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 6/5/20
vBulletin, WordPress, and WebLogic exploits, along with some enhancements and fixes.
3 min
Security Operations
Confessions of a Former CISO: Shaming People for Bad Security
In this edition of Confessions of a Former CISO, Scott King shares some hard lessons he's learned about shaming others for their security.
3 min
SOAR
Amplifying Impact to Reduce Friction: A Guide to Security Team Efficiency
In this blog, Rapid7 product leaders offer advice on how to free up security teams to address critical threats and eliminate repetitive tasks.
5 min
InsightVM
Custom Policy Builder Is Now Available in InsightVM
In today’s policy customization post, we focus on Center for Internet Security (CIS) policies.
2 min
Rapid7 Perspective
Standing Together: A Public Statement from Rapid7 CEO Corey Thomas
It has been shocking for many people in the United States and around the world to see the stark racial injustice and inequality that still exists in the US.
2 min
Research
Rapid7 Quarterly Threat Report: 2020 Q1
In this blog, we break down some of the top findings and highlights from the Rapid7 Quarterly Threat Report: 2020 Q1.
2 min
Threat Intel
Leaked YouTube Credentials Growing in Popularity on Dark Web Forums
Rapid7 researchers have observed a new trend in black markets and cybercrime forums: stolen credentials for prominent YouTube accounts.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 5/29/20
Hello, World!
This week’s wrapup features six new modules, including a double-dose of Synology
and everyone’s favorite, Pi-Hole.
Little NAS, featuring RCE
Synology stations are small(ish) NAS devices, but as Steve Kaun, Nigusu
Kassahun, and h00die have shown, they are not invulnerable. In the first module,
a command injection exists in a scanning function that allows for an
authenticated RCE, and in the second, a coding feature leaks whether a user
exists on the system, allowing for brute-forc
3 min
Remote Working
Assessing Our New Security Landscape: Business Continuity Amid Shifting Priorities
In this installment of our Remote Work Readiness Series, Rapid7 taps security leaders on how how to maintain continuity in a changing security landscape.
11 min
Research
The Masked SYNger: Investigating a Traffic Phenomenon
At the beginning of 2020, Rapid7 and other researchers began noticing increased scanning activity against a variety of TCP ports.
3 min
InsightVM
Finding Flexibility in Your Vulnerability Management Solution
In this post, we’re sharing the three key areas of flexibility within InsightVM, and how this can benefit your vulnerability management initiatives.
2 min
Metasploit
Metasploit Wrap-Up: 5/22/20
Bad WebLogic
Our own Shelby Pace authored an exploit taking
advantage of a Java object deserialization vulnerability in multiple different
versions of WebLogic. The new module has been tested with versions v12.1.3.0.0,
v12.2.1.3.0, and v12.2.1.4.0 of WebLogic and allows remote code execution
through the of sending a serialized BadAttributeValueExpException object over
the T3 protocol to vulnerable WebLogic servers.
Cram it in your Pi-Hole
As the incredibly origina
6 min
Managed Detection and Response (MDR)
Managing Cybersecurity in the Real Estate Industry
We sat down with Tony Hamil, the senior cybersecurity engineer for a real estate development company, to hear how he and his team are managing security.
5 min
InsightVM
Q&A from April 2020 Customer Webcast on InsightVM Dashboards & Executive Summary Report
In this blog post, we wanted to address a number of commonly asked questions regarding InsightVM Dashboards.
6 min
Verizon DBIR
Dancing With the Breaches: A Quick Step Through the 2020 Verizon Data Breach Investigations Report (DBIR)
In this blog, the Rapid7 Labs team has you covered with our annual Reader’s Guide for the 2020 Verizon Data Breach Investigations Report.