All Posts

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Four new Moodle modules, plus new features to help red teamers keep track of sessions and forwarded connections.

5 min Threat Intel

4 Simple Steps for an Effective Threat Intelligence Program

By following these simple steps, you can implement an effective threat intelligence program that's built for the modern cybersecurity environment.

5 min Cloud Security

Turn On, Tune In, Drop the Noise: Achieve Better Cloud Security by Reducing Noise

For security professionals, it's easy to get lost in the noise. And when it comes to cloud security, tuning into the signal is essential.

2 min Security Nation

[Security Nation] Michael Daniel on the Cyber Threat Alliance

In this episode of Security Nation, Jen and Tod chat with Michael Daniel about his work as president and CEO of the Cyber Threat Alliance.

7 min Vulnerability Management

Patch Tuesday - October 2021

Today’s Patch Tuesday sees Microsoft issuing fixes [https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct] for over 70 CVEs, affecting the usual mix of their product lines. From Windows, Edge, and Office, to Exchange, SharePoint, and Dynamics, there is plenty of patching to do for workstation and server administrators alike. One vulnerability has already been seen exploited in the wild: CVE-2021-40449 [https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40449] is an elev

4 min Application Security

This Was the Summer of AppSec: All the Improvements We Made in Q3

But before we fall into another season, we wanted to look back on all of the improvements we've made to InsightAppSec and tCell over the last 3 months.

4 min Kubernetes

Have You Checked the New Kubernetes RBAC Swiss Army Knife?

InsightCloudSec’s RBAC tool is an all-in-one open-source tool for analyzing Kubernetes RBAC policies and simplifying Kubernetes RBAC.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

New modules for vCenter Server and Linux Netfilter, plus fixes and enhancements.

3 min InsightVM

What's New in InsightVM: Q3 2021 in Review

In today's post, we're giving a rundown of new features and functionality launched in Q3 2021 for InsightVM and the Insight Platform.

1 min Detection and Response

Velociraptor to Announce Winners of Its 2021 Contributor Competition

Velociraptor and Rapid7 are excited to announce the winners of our 2021 Velociraptor Contributor Competition on Friday, October 8.

3 min Emergent Threat Response

Apache HTTP Server CVE-2021-41773 Exploited in the Wild

On Monday, October 4, 2021, Apache published an advisory on an unauthenticated remote file disclosure vulnerability in the HTTP Server version 2.4.29.

6 min Research

For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy

When it comes to the state of patching for recent Exchange Server vulnerabilities, the picture is more incomplete than you'd think.

4 min Detection and Response

What's New in InsightIDR: Q3 2021 in Review

This post offers a closer look at some of the recent updates and releases in InsightIDR, our extended detection and response solution, from Q3 2021.

1 min Lost Bots

[The Lost Bots] Episode 6: D&R + VM = WINNING!

In this episode, Practice Advisor Devin Krugly joins to discuss how Detection and Response + Vulnerability Management = a winning combination.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

More post modules than we've ever put out in a single release before, courtesy of a university project to add credential gathering capabilities based on the PackRat toolset.