Posts by Drew Burton

2 min Emergent Threat Response

CVE-2023-35078: Critical API Access Vulnerability in Ivanti Endpoint Manager Mobile

CVE-2023-35078 is a critical remote unauthenticated API access vulnerability in Ivanti Endpoint Manager Mobile.

2 min Emergent Threat Response

CVE-2023-27997: Critical Fortinet Fortigate Remote Code Execution Vulnerability

Rapid7 is tracking CVE-2023-27997, a purportedly critical remote code execution (RCE) vulnerability in Fortigate SSL VPN firewalls.

2 min Emergent Threat Response

Widespread Exploitation of Zyxel Network Devices

Rapid7 is tracking reports of ongoing exploitation of CVE-2023-28771, a critical unauthenticated command injection vulnerability affecting multiple Zyxel networking devices.

2 min Emergent Threat Response

CVE-2023-27350: Ongoing Exploitation of PaperCut Remote Code Execution Vulnerability

CVE-2023-27350 is an unauthenticated remote code execution vulnerability in PaperCut MF/NG print management software. A patch is available for this vulnerability and should be applied on an emergency basis.

3 min Cybersecurity

ICYMI: 10 Cybersecurity Acronyms You Should Know in 2023

Cybersecurity is acronym-heavy to say the least. If you’re reading this, you already know. However, even the nerdiest among us miss a few. So, here are 10 cybersecurity acronyms you should know in 2023.

2 min Security Strategy

ISO 27001 Certification: What it is and why it matters

Rapid7's ISMS is ISO 27001 certified. This certification validates that our security strategy and processes meet very high standards and underscores our commitment to corporate and customer data security.

2 min Compliance

ISO 27002 Emphasizes Need For Threat Intelligence

Earlier this year, the International Organization for Standardization (ISO) released ISO 27002, which features a dedicated threat intelligence control.