All Posts

3 min Security Nation

[Security Nation] Jill Fraser and Deborah Blyth on Securing Colorado

In this episode of Security Nation, we chat with Deborah Blyth, CISO of the State of Colorado, and Jill Fraser, the CISO for Jefferson County, Colorado.

3 min MDR

New Rapid7 MDR Essentials Capability Sees What Attackers See: “It’s Eye-Opening”

We’re adding a new capability (and report) to connect proactive and reactive security for our MDR Essentials customers: Attack Surface Visibility.

4 min Public Policy

Cybersecurity in the Infrastructure Bill

This post provides highlights on cybersecurity in recent infrastructure legislation. Cybersecurity is essential to ensure modern infrastructure is safe, and Rapid7 commends Congress and the Administration for including cybersecurity in the Infrastructure Investment and Jobs Act.

4 min Vulnerability Disclosure

CVE-2021-3927[67]: Fortress S03 WiFi Home Security System Vulnerabilities

Rapid7 researcher Arvind Vishwakarma discovered multiple vulnerabilities in the Fortress S03 WiFi Home Security System.

1 min Lost Bots

[The Lost Bots] Episode 4: Deception Technology

In this episode of The Lost Bots, Jeffrey talks one-on-one with you about one of his favorite subjects: deception technology.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

LearnPress authenticated SQL injection Metasploit contributor h00die [https://github.com/h00die] added a new module that exploits CVE-2020-6010 [https://attackerkb.com/topics/x12K9JOfk2/cve-2020-6010?referrer=blog], an authenticated SQL injection vulnerability in the WordPress LearnPress plugin. When a user is logged in with contributor privileges or higher, the id parameter can be used to inject arbitrary code through an SQL query. This exploit can be used to collect usernames and password hash

3 min Cybersecurity

The Cybersecurity Skills Gap Is Widening: New Study

A new study reveals organizations are having serious trouble sourcing top-tier cybersecurity talent — despite their need to fill these roles growing more urgent by the day.

5 min Cybersecurity

[R]Evolution of the Cyber Threat Intelligence Practice

Threat intelligence is transitioning from a separate pillar to a central hub that feeds all the functions of the security organization.

4 min Cybersecurity

Cybercriminals Selling Access to Compromised Networks: 3 Surprising Research Findings

To help fend off network compromise events and curb breach sales, we decided to analyze why and how criminals sell their network access.

1 min Cybersecurity

[The Lost Bots] Bonus Episode: Velociraptor Contributor Competition

In this extra installment of The Lost Bots, Mike Cohen tells Jeffrey about Velociraptor's 2021 Contributor Competition.

3 min MDR

Rapid7 MDR Named a Market Leader, Again!

Rapid7 is thrilled to be recognized as a Leader in the IDC MarketScape for 2021.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

New modules for Lucee Administrator and ProxyShell, which targets on-premises Microsoft Exchange servers. Plus, tons of enhancements and fixes!

4 min Career Development

Why Joining Rapid7 Was the Best Decision for These Sales Professionals, Even During a Pandemic

We talked with a few of our North America Account Executives to hear firsthand about why they chose to join Rapid7 (even during a pandemic), how they learned about the company, and why they’d recommend Rapid7 as a great place to work.

3 min Awards

Rapid7 Announces Partner of the Year Awards 2021 Winners

It’s with immense pleasure that we announce today the winners of the Rapid7 Partner of the Year Awards 2021.

1 min Security Nation

[Security Nation] Daniel Crowley on Running a Cybersecurity Internship

On this episode of Security Nation, Daniel Crowley, Research Director of IBM X-Force Red, discusses the ins and outs of running a cybersecurity internship program.