Rapid7 Cybersecurity Blog & Latest Vulnerability News

Vulnerabilities and Exploits

CVE-2023-22515: Zero-Day Privilege Escalation in Confluence Server and Data Center

Caitlin Condon

Detection and Response

Proactively Prevent Breaches with Expanded Endpoint Protection in Rapid7 MXDR

Rapid7

Products and Tools

What’s New in InsightVM and Nexpose: Q3 2023 in Review

Roshnee Mistry Shah

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 29, 2023

Alan David Foster

Threat Research

Critical Vulnerabilities in WS_FTP Server

Caitlin Condon

Detection and Response

Unlock Broader Detections and Forensics with Velociraptor in Rapid7 XDR

Shanna Battaglia

Exposure Management

Introducing Active Risk

Rapid7

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 22, 2023

Spencer McIntyre

Security Operations

Rapid7 2023 MITRE Engenuity ATT&CK® Evaluations

Meaghan Buchanan

Exposure Management

Rapid7 doubles down on a platform approach for Vulnerability Risk Management

Roshnee Mistry Shah

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 15, 2023

Spencer McIntyre

Exposure Management

Patch Tuesday - September 2023

Adam Barnett

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 8, 2023

Christopher Granleese

Cloud and Devops Security

A Look at Our Development Process of the Cloud Resource Enrichment API

Gil Shamgar

Vulnerabilities and Exploits

CVE-2023-4528: Java Deserialization Vulnerability in JSCAPE MFT (Fixed)

Ron Bowes

Exposure Management

Metasploit Weekly Wrap-Up: Sep. 1, 2023

Brendan Watters

Threat Research

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers

Natalie Zargarov

Exposure Management

Exploitation of Juniper Networks SRX Series and EX Series Devices

Ron Bowes

Exposure Management

PenTales: What It’s Like on the Red Team

Aaron Herndon

Products and Tools

Velociraptor 0.7.0 Release: Dig Deeper With Enhanced Client Search, Server Improvements and Expanded VQL Library

Dr. Mike Cohen

Detection and Response

Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs

Rapid7

The Rapid7 Blog:
Your Signal in the Security Noise

Featured posts

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Categories

Popular Tags

CVE-2023-22515: Zero-Day Privilege Escalation in Confluence Server and Data Center

Proactively Prevent Breaches with Expanded Endpoint Protection in Rapid7 MXDR

What’s New in InsightVM and Nexpose: Q3 2023 in Review

Metasploit Weekly Wrap-Up: Sep. 29, 2023

Critical Vulnerabilities in WS_FTP Server

Unlock Broader Detections and Forensics with Velociraptor in Rapid7 XDR

Introducing Active Risk

Metasploit Weekly Wrap-Up: Sep. 22, 2023

Rapid7 2023 MITRE Engenuity ATT&CK® Evaluations

Rapid7 doubles down on a platform approach for Vulnerability Risk Management

Metasploit Weekly Wrap-Up: Sep. 15, 2023

Patch Tuesday - September 2023

Metasploit Weekly Wrap-Up: Sep. 8, 2023

A Look at Our Development Process of the Cloud Resource Enrichment API

CVE-2023-4528: Java Deserialization Vulnerability in JSCAPE MFT (Fixed)

Metasploit Weekly Wrap-Up: Sep. 1, 2023

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers

Exploitation of Juniper Networks SRX Series and EX Series Devices

PenTales: What It’s Like on the Red Team

Velociraptor 0.7.0 Release: Dig Deeper With Enhanced Client Search, Server Improvements and Expanded VQL Library

Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs

The Rapid7 Blog:Your Signal in the Security Noise

Featured posts

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Categories

Categories

Popular Tags

Popular Tags

CVE-2023-22515: Zero-Day Privilege Escalation in Confluence Server and Data Center

Proactively Prevent Breaches with Expanded Endpoint Protection in Rapid7 MXDR

What’s New in InsightVM and Nexpose: Q3 2023 in Review

Metasploit Weekly Wrap-Up: Sep. 29, 2023

Critical Vulnerabilities in WS_FTP Server

Unlock Broader Detections and Forensics with Velociraptor in Rapid7 XDR

Introducing Active Risk

Metasploit Weekly Wrap-Up: Sep. 22, 2023

Rapid7 2023 MITRE Engenuity ATT&CK® Evaluations

Rapid7 doubles down on a platform approach for Vulnerability Risk Management

Metasploit Weekly Wrap-Up: Sep. 15, 2023

Patch Tuesday - September 2023

Metasploit Weekly Wrap-Up: Sep. 8, 2023

A Look at Our Development Process of the Cloud Resource Enrichment API

CVE-2023-4528: Java Deserialization Vulnerability in JSCAPE MFT (Fixed)

Metasploit Weekly Wrap-Up: Sep. 1, 2023

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers

Exploitation of Juniper Networks SRX Series and EX Series Devices

PenTales: What It’s Like on the Red Team

Velociraptor 0.7.0 Release: Dig Deeper With Enhanced Client Search, Server Improvements and Expanded VQL Library

Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs

The Rapid7 Blog:
Your Signal in the Security Noise