The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Weekly security updates — no spam. Privacy Policy.

Featured posts

Introducing Rapid7 MDR for Microsoft

Introducing Rapid7 MDR for Microsoft

Read post
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Read post
What’s New in Rapid7 Products & Services?

What’s New in Rapid7 Products & Services?

Read post
Abusing Safari's webarchive file format

Vulnerabilities and Exploits

Abusing Safari's webarchive file format

joev's avatar

joev

Exploit for new Vulnerability on Honeywell EBI ActiveX (CVE-2013-0108)

Vulnerabilities and Exploits

Exploit for new Vulnerability on Honeywell EBI ActiveX (CVE-2013-0108)

Juan Vazquez's avatar

Juan Vazquez

Malicious SSIDs And Web Apps

Vulnerabilities and Exploits

Malicious SSIDs And Web Apps

rapidmb's avatar

rapidmb

Ray Sharp CCTV DVR Password Retrieval & Remote Root

Vulnerabilities and Exploits

Ray Sharp CCTV DVR Password Retrieval & Remote Root

HD Moore's avatar

HD Moore

Exploiting Ruby on Rails with Metasploit (CVE-2013-0156)

Vulnerabilities and Exploits

Exploiting Ruby on Rails with Metasploit (CVE-2013-0156)

HD Moore's avatar

HD Moore

Serialization Mischief in Ruby Land (CVE-2013-0156)

Vulnerabilities and Exploits

Serialization Mischief in Ruby Land (CVE-2013-0156)

HD Moore's avatar

HD Moore

How Metasploit's 3-Step Quality Assurance Process Gives You Peace Of Mind

Vulnerabilities and Exploits

How Metasploit's 3-Step Quality Assurance Process Gives You Peace Of Mind

Christian Kirsch's avatar

Christian Kirsch

New Metasploit Exploit: Crystal Reports Viewer CVE-2010-2590

Vulnerabilities and Exploits

New Metasploit Exploit: Crystal Reports Viewer CVE-2010-2590

Juan Vazquez's avatar

Juan Vazquez

November Exploit Trends: Apache Killer Exploit New to List

Vulnerabilities and Exploits

November Exploit Trends: Apache Killer Exploit New to List

Christian Kirsch's avatar

Christian Kirsch

Skynet, a Tor-powered botnet straight from Reddit

Vulnerabilities and Exploits

Skynet, a Tor-powered botnet straight from Reddit

nex's avatar

nex

Abusing Windows Remote Management (WinRM) with Metasploit

Vulnerabilities and Exploits

Abusing Windows Remote Management (WinRM) with Metasploit

David Maloney's avatar

David Maloney

New 0day Exploit: Novell ZENworks CVE-2012-4933 Vulnerability

Vulnerabilities and Exploits

New 0day Exploit: Novell ZENworks CVE-2012-4933 Vulnerability

Juan Vazquez's avatar

Juan Vazquez

Moving from HML (High, Medium, Low) Hell to Security Heaven – Whiteboard Wednesdays

Vulnerabilities and Exploits

Moving from HML (High, Medium, Low) Hell to Security Heaven – Whiteboard Wednesdays

bleger's avatar

bleger

Free Scanner for MySQL Authentication Bypass CVE-2012-2122

Vulnerabilities and Exploits

Free Scanner for MySQL Authentication Bypass CVE-2012-2122

Christian Kirsch's avatar

Christian Kirsch

Webcast: Decrease Your Risk of a Data Breach - Effective Security Programs with Metasploit

Vulnerabilities and Exploits

Webcast: Decrease Your Risk of a Data Breach - Effective Security Programs with Metasploit

Christian Kirsch's avatar

Christian Kirsch

Cuckoo Sandbox 0.4 Simplifies Malware Analysis with KVM support, Signatures and Extended Modularity

Vulnerabilities and Exploits

Cuckoo Sandbox 0.4 Simplifies Malware Analysis with KVM support, Signatures and Extended Modularity

nex's avatar

nex

Exploit Trends: New Microsoft and MySQL Exploits Make the Top 10

Vulnerabilities and Exploits

Exploit Trends: New Microsoft and MySQL Exploits Make the Top 10

Christian Kirsch's avatar

Christian Kirsch

New Critical Microsoft IE Zero-Day Exploits in Metasploit

Vulnerabilities and Exploits

New Critical Microsoft IE Zero-Day Exploits in Metasploit

Wei Chen's avatar

Wei Chen

CVE-2012-2122: A Tragically Comedic Security Flaw in MySQL

Vulnerabilities and Exploits

CVE-2012-2122: A Tragically Comedic Security Flaw in MySQL

HD Moore's avatar

HD Moore

Exploit Trends: CCTV DVR Login Scanning and PHP CGI Argument Injection

Vulnerabilities and Exploits

Exploit Trends: CCTV DVR Login Scanning and PHP CGI Argument Injection

Christian Kirsch's avatar

Christian Kirsch

Weekly Metasploit Update: Post Modules

Vulnerabilities and Exploits

Weekly Metasploit Update: Post Modules

Tod Beardsley's avatar

Tod Beardsley