All Posts

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Five new modules, including an exploit for "HiveNightmare" CVE-2021-36934, and new fixes and enhancements.

2 min Security Nation

[Security Nation] Philipp Amann on No More Ransom

Philipp Amann of Europol talks to Jen and Tod about No More Ransomware (NMR), a 5-year mission from Europol to help people escape ransom demands and recover their material on their own.

13 min Vulnerability Management

Multiple Open Source Web App Vulnerabilities Fixed

While it's never great to learn of new vulnerabilities in your own product, all three project maintainers accepted, validated, and provided fixes for these vulnerabilities within one day, which is amazing when it comes to vulnerability disclosure.

3 min Ransomware

Decrypter FOMO No Mo’: Five Years of the No More Ransom Project

The amazing No More Ransom Project celebrates its fifth anniversary today and so we just wanted to take a moment to talk about what it has accomplished and why you should tell all your friends about it.

4 min Metasploit

Metasploit Wrap-Up

Now I Control Your Resource Planning Servers Sage X3 is a resource planning product designed by Sage Group which is designed to help established businesses plan out their business operations. But what if you wanted to do more than just manage resources? What if you wanted to hijack the resource server itself? Well wait no more, as thanks to the work of Aaron Herndon [https://www.linkedin.com/in/aaron-herndon-54079b5a/], Jonathan Peterson [https://www.linkedin.com/in/jonathan-p-004b76a1/], Will

3 min InsightAppSec

What’s New in InsightAppSec and tCell: Q2 2021 in Review

If there’s a theme to InsightAppSec updates and improvements in the second quarter, it would be “save time by building it into the process.”

1 min

[Security Nation] Brian Honan on creating Ireland's first CERT

In this episode of Security Nation, we’re joined by Brian Honan of BH Consulting. Jen and Tod chat with Brian about his experience as a founder of Ireland's first CERT, the continuing scourge of ransomware, and cyber warranties.

2 min Emergent Threat Response

Microsoft SAM File Readability CVE-2021-36934: What You Need to Know

CVE-2021-36934 is a local privilege escalation vulnerability that allows non-administrative users to read the Security Account Manager (SAM) files on Windows 10 and 11 systems.

5 min Career Development

Grow Your Career at Rapid7: North America Sales

We talked with five of our North America Account Executives to hear firsthand about how Rapid7 has supported their career growth and learning, why they would recommend Rapid7 as a great place to work, and notable deals they’ve had the unique opportunity to work on and close.

1 min Detection and Response

[The Lost Bots] Episode 1: External Threat Intelligence

Welcome to The Lost Bots, a new vlog series where Rapid7 resident expert and former CISO, Jeffrey Gardner (virtually) sits down with fellow industry experts to spill the tea on current events and trends in the security space.

4 min Extended Detection and Response

Rapid7 + XDR: Security that Moves as Fast as Your Business

Making threat detection and response as agile and simple as possible enables security professionals to focus their time and energy on the most critical incidents and the things that matter most.

2 min Extended Detection and Response

Rapid7 Acquires IntSights to Tackle the Expanding Threat Landscape

I am pleased to share the exciting news that, today, Rapid7 acquired IntSights, a leading provider of cloud-native, external threat intelligence and proactive threat remediation.

3 min Detection and Response

Accelerating SecOps and Emergent Threat Response with the Insight Platform

Efficiency and streamlined operations are two areas where our team will continue to focus efforts in order to deliver value across Rapid7’s growing best-in-class portfolio, while enabling cross capability experiences that improve security team effectiveness.

3 min InsightVM

What’s New in InsightVM: Q2 2021 in Review

Here is a rundown of new features and functionality launched in Q2 2021 for InsightVM and the Insight Platform.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Four new modules, with improvements to Eternal Blue support, and AmSi 0BfuSc@t!on for Powershell payloads