The Rapid7 Blog:
Your Signal in the Security Noise

Insights, stories, and guidance from our global security and research teams.

Featured posts

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

Introducing Rapid7 MDR for Microsoft

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

What’s New in Rapid7 Products & Services?

3636 Results

CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest

Vulnerabilities and Exploits

CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest

Caitlin Condon

GhostLocker - A “Work In Progress” RaaS

Detection and Response

GhostLocker - A “Work In Progress” RaaS

Natalie Zargarov

Setup of Discovery Connection Azure

Products and Tools

Setup of Discovery Connection Azure

Rapid7

Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518

Vulnerabilities and Exploits

Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518

Rapid7

Metasploit Weekly Wrap-Up: Nov. 3, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Nov. 3, 2023

Dean Welch

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

Vulnerabilities and Exploits

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

Rapid7

Is That Smart Home Technology Secure? Here’s How You Can Find Out.

Threat Research

Is That Smart Home Technology Secure? Here’s How You Can Find Out.

Deral Heiland

Metasploit Weekly Wrap-Up: Oct. 27, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Oct. 27, 2023

Christopher Granleese

CVE-2023-4966: Exploitation of Citrix NetScaler Information Disclosure Vulnerability

Vulnerabilities and Exploits

CVE-2023-4966: Exploitation of Citrix NetScaler Information Disclosure Vulnerability

Rapid7

Metasploit Weekly Wrap-Up: Oct. 19, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Oct. 19, 2023

Brendan Watters

CVE-2023-20198: Active Exploitation of Cisco IOS XE Zero-Day Vulnerability

Vulnerabilities and Exploits

CVE-2023-20198: Active Exploitation of Cisco IOS XE Zero-Day Vulnerability

Caitlin Condon

Cloud Webinar Series Part 1: Commanding Cloud Strategies

Products and Tools

Cloud Webinar Series Part 1: Commanding Cloud Strategies

Owen Holland

Multiple Vulnerabilities in South River Technologies Titan MFT and Titan SFTP [FIXED]

Vulnerabilities and Exploits

Multiple Vulnerabilities in South River Technologies Titan MFT and Titan SFTP [FIXED]

Ron Bowes

Metasploit Weekly Wrap-Up: Oct. 13, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Oct. 13, 2023

Christophe De La Fuente

The Risks of Exposing DICOM Data to the Internet

Threat Research

The Risks of Exposing DICOM Data to the Internet

Christiaan Beek

Patch Tuesday - October 2023

Exposure Management

Patch Tuesday - October 2023

Adam Barnett

Metasploit Weekly Wrap-Up: Oct. 6, 2023

Exposure Management

Metasploit Weekly Wrap-Up: Oct. 6, 2023

Jacquie Harris

Little Crumbs Can Lead To Giants

Products and Tools

Little Crumbs Can Lead To Giants

Christiaan Beek

What’s New in Rapid7 Detection & Response: Q3 2023 in Review

Products and Tools

What’s New in Rapid7 Detection & Response: Q3 2023 in Review

Margaret Wei

CVE-2023-22515: Zero-Day Privilege Escalation in Confluence Server and Data Center

Vulnerabilities and Exploits

CVE-2023-22515: Zero-Day Privilege Escalation in Confluence Server and Data Center

Caitlin Condon

Proactively Prevent Breaches with Expanded Endpoint Protection in Rapid7 MXDR

Detection and Response

Proactively Prevent Breaches with Expanded Endpoint Protection in Rapid7 MXDR

Rapid7