The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Introducing the Metasploit Development Diaries

Threat Research

Introducing the Metasploit Development Diaries

Caitlin Condon's avatar

Caitlin Condon

Buy One Device, Get Data Free: Private Information Remains on Donated Tech

Threat Research

Buy One Device, Get Data Free: Private Information Remains on Donated Tech

Josh Frantz's avatar

Josh Frantz

Forrester Tech Tide for Detection and Response: Is 2019 the Year of Convergence?

Threat Research

Forrester Tech Tide for Detection and Response: Is 2019 the Year of Convergence?

Eric Sun's avatar

Eric Sun

Rapid7 Introduces Industry Cyber-Exposure Report: ASX 200

Threat Research

Rapid7 Introduces Industry Cyber-Exposure Report: ASX 200

boB Rudis's avatar

boB Rudis

Cisco® RV110/RV130/RV215 Unauthenticated Configuration Export Vulnerability (CVE-2019-1663): What You Need to Know

Threat Research

Cisco® RV110/RV130/RV215 Unauthenticated Configuration Export Vulnerability (CVE-2019-1663): What You Need to Know

boB Rudis's avatar

boB Rudis

Drupal Core Remote Code Execution (CVE-2019-6340): What You Need to Know

Threat Research

Drupal Core Remote Code Execution (CVE-2019-6340): What You Need to Know

boB Rudis's avatar

boB Rudis

[IoT Security] Introduction to Embedded Hardware Hacking

Threat Research

[IoT Security] Introduction to Embedded Hardware Hacking

Deral Heiland's avatar

Deral Heiland

Level Up Your Internet Intelligence Using the Rapid7 Open Data API and R

Threat Research

Level Up Your Internet Intelligence Using the Rapid7 Open Data API and R

boB Rudis's avatar

boB Rudis

Understanding Ubiquiti Discovery Service Exposures

Threat Research

Understanding Ubiquiti Discovery Service Exposures

Jon Hart's avatar

Jon Hart

Cisco RV320/RV325 Router Unauthenticated Configuration Export Vulnerability (CVE-2019-1653): What You Need to Know

Threat Research

Cisco RV320/RV325 Router Unauthenticated Configuration Export Vulnerability (CVE-2019-1653): What You Need to Know

boB Rudis's avatar

boB Rudis

Happy HaXmas! Year-End Internet Scanning Observations

Threat Research

Happy HaXmas! Year-End Internet Scanning Observations

Jon Hart's avatar

Jon Hart

The Ghost of Exploits Past: A Deep Dive into the Morris Worm

Threat Research

The Ghost of Exploits Past: A Deep Dive into the Morris Worm

William Vu's avatar

William Vu

Once a Haxer, Always a Haxor

Threat Research

Once a Haxer, Always a Haxor

Deral Heiland's avatar

Deral Heiland

Rsunk your Battleship: An Ocean of Data Exposed through Rsync

Threat Research

Rsunk your Battleship: An Ocean of Data Exposed through Rsync

Jon Hart's avatar

Jon Hart

Charting the Forthcoming PHPocalypse in 2019

Threat Research

Charting the Forthcoming PHPocalypse in 2019

boB Rudis's avatar

boB Rudis

Securing Buckets with Amazon S3 Block Public Access

Threat Research

Securing Buckets with Amazon S3 Block Public Access

Rapid7's avatar

Rapid7

How Retailers Can Protect Against Magecart This Black Friday and Holiday Season

Threat Research

How Retailers Can Protect Against Magecart This Black Friday and Holiday Season

boB Rudis's avatar

boB Rudis

How to Conduct DNS Reconnaissance for $.02 Using Rapid7 Open Data and AWS

Threat Research

How to Conduct DNS Reconnaissance for $.02 Using Rapid7 Open Data and AWS

Shan Sikdar's avatar

Shan Sikdar

This One Time on a Pen Test, Part 4: From Zero to Web Application Admin through Open-Source Intelligence Gathering

Threat Research

This One Time on a Pen Test, Part 4: From Zero to Web Application Admin through Open-Source Intelligence Gathering

Jordan LaRose's avatar

Jordan LaRose

HUMINT: The Riskiest (and Most Valuable) Form of Intelligence Gathering

Threat Research

HUMINT: The Riskiest (and Most Valuable) Form of Intelligence Gathering

Nathan Teplow's avatar

Nathan Teplow

Enhancing IoT Security Through Research Partnerships

Threat Research

Enhancing IoT Security Through Research Partnerships

Andrew Bindner's avatar

Andrew Bindner