6 min
CISOs
Rapid7's 2021 ICER Takeaways: Vulnerability Disclosure Programs Among the Fortune 500
We rely on fantastically advanced technology in every aspect of our modern lives. Of course, anyone who has spent any time analyzing these technologies will notice that we are routinely bedeviled with vulnerabilities, especially when it comes to the internet.
1 min
Research
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): FTSE 350
We are excited to release the second report in our Industry Cyber-Exposure Report (ICER) series, which digs into cyber-exposure among organizations in the U.K.’s FTSE 350.
3 min
Vulnerability Disclosure
CVE-2021-26908 and CVE-2021-26909: Automox Agent Information Disclosure (FIXED)
Rapid7 researcher Danny Jordan discovered two vulnerabilities in the Automox Agent for Windows and macOS.
2 min
Research
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Fortune 500
Today, Rapid7 just released the first in our all-new Industry Cyber-Exposure Report (ICER) series.
2 min
Research
Introducing the 2020 Vulnerability Intelligence Report: 50 CVEs that Made Headlines in 2020
Our 2020 Vulnerability Intelligence Report examines 50 vulnerabilities from 2020 to highlight exploitation patterns, explore attacker use cases, and offer a practical framework for understanding new threats.
3 min
Emergent Threat Response
SonicWall SNWLID-2021-0001 Zero-Day and SolarWinds’ 2021 CVE Trifecta: What You Need to Know
2021 continues to deliver with an unpatched zero-day exposure in some SonicWall appliances and three moderate-to-critical CVEs in SolarWinds software.
8 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of HTTP and HTTPS
Read on to learn more about the internet exposure of HTTP and HTTPS from our 2020 NICER Report.
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of NTP
In the latest installment of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of NTP.
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of DNS-over-TLS
In this edition of our NICER Protocol Deep Dive blog series, we'll take a closer look at the internet exposure of DNS-over-TLS.
6 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of DNS
In this edition of our NICER Protocol Deep Dive blog series, we discuss the internet exposure of DNS.
3 min
IoT
HaXmas Hardware Hacking
This HaXmas, I decided to dig around a little in Rapid7's library of IoT investigations that never really went anywhere, just to see which tools were used.
4 min
Research
Rapid7 Labs’ 2020 Naughty List Summary Report to Santa
Your dutiful elves here at Rapid7 Labs have compiled a list of the naughty country networks being used to launch cyberattacks across the globe.
5 min
Security Strategy
UPnP With a Holiday Cheer
For today’s discussion, this blog post will only cover the port forwarding services and will also share a Python script you can use to start examining this service.
4 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of memcached
In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of memcached.
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of Microsoft SQL Server (MS SQL) (UDP/1434)
In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of the Microsoft SQL Server.