4 min
Cloud Security
Expanded Coverage and New Attack Path Visualizations Help Security Teams Prioritize Cloud Risk and Understand Blast Radius
Cloud environments differ in a number of ways from more traditional on-prem environments. From the immense scale and compounding complexity to the rate of change, the cloud creates a host of challenges for security teams to navigate and grapple with.
3 min
Artificial Intelligence
We Asked ChatGPT for 2024 Cybersecurity Predictions but You Should Make These Resolutions Instead
Here at Rapid7 we’ve seen a whole lot of threats and exploited vulnerabilities in 2023, many in the form of zero days. So it can be a little overwhelming to think about what could be in store for us in the year ahead.
3 min
Metasploit
Metasploit Weekly Wrap-Up: Dec. 15, 2023
Continuing the 12th Labor of Metasploit
Metasploit continues its Herculean task of increasing our toolset to tame
Kerberos by adding support for AS_REP Roasting, which allows retrieving the
password hashes of users who have Do not require Kerberos preauthentication set
on the domain controller. The setting is disabled by default, but it is enabled
in some environments.
Attackers can request the hash for any user with that option enabled, and worse
(or better?) you can query the DC to determine
3 min
InsightCloudSec
NIST SP 800-53 Rev. 5 Updates: What You Need to Know About The Most Recent Patch Release (5.1.1)
In this blog we’ll cover the new and updated controls within patch release 5.1.1, as well as review how Rapid7 InsightCloudSec helps security teams implement and continuously enforce them across their organizations.
6 min
Vulnerability Management
Patch Tuesday - December 2023
AMD divide-by-zero-day information disclosure. No-interaction MSHTML Outlook critical RCE. Double ICS critical RCE. Fewer patches for fewer products than usual.
5 min
Risk Management
Peeking into the crystal ball: What 2023 cyber threats told us about 2024
Even though we’re surely in for more than a few surprises in the coming year, there are ways we can be better prepared. So sit back and relax as we venture through some insights we’ve gained in 2023 and offer ways you can put them into practice in the coming year.
3 min
Living our Values and Leveraging Diverse Skill Sets: How Jonathan Atwood Built a Successful Career as a Customer Advisor at Rapid7
At Rapid7, our Customer Advisors play a pivotal role at ensuring our customers understand their threat landscape – and feel confident in their security programs.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 12/8/2023
New this week: An OwnCloud gather module and a Docker cgroups container escape. Plus, an early feature that allows users to search module actions, targets, and aliases.
3 min
A Trusted Voice in a Crowded Market: Meet Joanne Guariglia, Senior Channel Account Manager at Rapid7
As a Senior Channel Account Manager, Joanne Guariglia shares what she loves most about her role, Rapid7, and why now is a great time to join the team.
6 min
InsightVM
Method to an Old Consultant's Madness with Site Design
Simplifying your site structure and scan schedules will allow you to better optimize your scan templates, leading to faster scanning and fewer potential issues from overlapping scans.
4 min
Metasploit
Metasploit Weekly Wrap-Up: Dec. 1, 2023
Customizable DNS resolution
Contributor smashery [https://github.com/smashery] added a new dns command to
Metasploit console, which allows the user to customize the behavior of DNS
resolution. Similarly to the route command, it is now possible to specify where
DNS requests should be sent to avoid any information leak. Before these changes,
the Framework was using the default local system configuration. Now, it is
possible to specify which DNS server should be queried based on rules that match
sp
5 min
Emergent Threat Response
CVE-2023-49103 - Critical Information Disclosure in ownCloud Graph API
On November 21, 2023, ownCloud disclosed CVE-2023-49103, an unauthenticated information disclosure vulnerability affecting ownCloud, when a vulnerable extension called “Graph API” (graphapi) is present.
2 min
Security Operations (SOC)
Attackers are Working Around The Clock. Luckily, So Are We.
With the average cost of a breach at an all time high of $4.45 million, there’s an undeniable need for teams to enlist the right experts to quickly eradicate threats.
3 min
Artificial Intelligence
Rapid7 Takes Next Step in AI Innovation with New AI-Powered Threat Detections
A decades-long transition to cloud as the de-facto delivery model of choice has delivered undeniable value to the business landscape.
4 min
Cloud Security
Updates to Layered Context Enable Teams to Quickly Understand Which Risk Signals Are Most Pressing
Layered Context introduced a consolidated view of all security risks insightCloudSec collects from the various layers of a cloud environment.