All Posts

7 min Microsoft

Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)

As of March 24, there were over 350,000 Microsoft Exchange servers exposing a version of the software with a vulnerability.

6 min Vulnerability Management

4 Common Goals For Vulnerability Risk Management Programs

This post will give you a glimpse into the research to pinpoint under-served and unmet customer needs in the vulnerability risk management space.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 4/3/2020

This week's release includes a local privilege escalation exploit for VMware Fusion through 11.5.3 on OS X, as well as RCE on Apache Solr and DNN cookie deserialization.

3 min SIEM

Analyze Security Data Faster with Visual Search in InsightIDR

Learn how InsightIDR, Rapid7’s SIEM tool, uses visualization to provide powerful security data analysis.
17 min Vulnerability Disclosure

Dispelling Zoom Bugbears: What You Need to Know About the Latest Zoom Vulnerabilities

In this blog, we break down what you need to know about the recent Zoom security issues and its vulnerability remediation process.

3 min SIEM

SOC Automation: Threat Detection and Response with SIEM and SOAR

We believe that the best solution to industry-wide struggles with threat detection and response is to increase efficiency using SIEM and SOAR together.
5 min Vulnerability Management

Reduce False Positive Vulnerabilities by Up To 22%

Today, we discuss how to measurably reduce false positive vulnerabilities so you can reallocate your team's time and resources.
3 min Podcast

A Chat with Jonathan Cran About Intrigue and Security in the COVID-19 Pandemic

In a recent episode of Rapid7’s podcast, Security Nation, we talked with Jonathan Cran, Head of Research at Kenna Security.

5 min Remote Working

Working from Home? Wi-Fi Security and Tips and Tricks

I jotted down some Wi-Fi security and management tips for my friends and colleagues who might not have paid much attention to their home networking.
2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 3/27/20

Three new modules, including a post module to automate the installation of an embeddable Python interpreter on a target, and a new exploit for Microsoft SharePoint Workflows.
1 min Metasploit

How to Participate in Our Metasploit Pro Customer Survey

As a Metasploit Pro customer, we want to know what your priorities are, what challenges you’re facing, and how Metasploit Pro addresses those needs.
2 min Vulnerability Management

Rapid7 Named a March 2020 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment

The Rapid7 team is excited to announce that we have been recognized as a March 2020 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment.

5 min InsightAppSec

Automating Multi-Factor Authentication: Time-Based One-Time Passwords

In this blog, we discuss everything you need to know about time-based one-time password (TOTP) authentication.

2 min Vulnerability Management

Active Exploitation of Unpatched Windows Font Parsing Vulnerability

Rapid7 analysis and customer guidance for a pair of unpatched font parsing vulnerabilities in multiple versions of Microsoft Windows (ADV200006).
4 min Public Policy

Cybersecurity Vulnerability Disclosure in Trade Agreements

Modern trade agreements should incorporate cybersecurity vulnerability disclosure. Here are Rapid7’s thoughts on how to do that and why.

Popular Topics

Tags