5 min
Security Strategy
UPnP With a Holiday Cheer
For today’s discussion, this blog post will only cover the port forwarding services and will also share a Python script you can use to start examining this service.
3 min
InsightVM
Set New InsightVM Goals and Share with Your Team for Increased Visibility and More Efficient Execution
Since 2018, thousands of enterprises have utilized InsightVM’s Goals and SLAs feature to build their organization-specific security goals.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 12/18/20
Exploits for Oracle Solaris CVE-2020-14871 and Windows 7 CVE-2020-1054, plus enhancements and bug fixes for Railgun and msfdb init. Happy HaXmas!
4 min
InsightIDR
What’s New in InsightIDR: Q4 2020 in Review
As we near the end of 2020, we wanted to offer a closer look at some of the recent updates and releases in InsightIDR from Q4 2020.
3 min
Threat Intel
Sending the All-Clear Signal: The Implications of WhatsApp’s New Data Privacy Policy
Popular messaging app WhatsApp announced new data privacy policy changes set to debut on February 8, much to the chagrin of its massive user base.
3 min
Threat Intel
3 Security Regulations Automotive Companies Need to Know
A Rapid7 research report breaking down the cyber threat landscape in the automotive industry shows cyberattacks in the sector have risen rapidly.
3 min
InsightVM
How to Gain Visibility Into Audit Logs for Policy Customization in InsightVM
In this blog, we will be focusing on a simple use case that enables your organization to achieve greater visibility into your policy customization process.
1 min
Haxmas
Happy HaXmas from the Rapid7 Team!
This year's been a weird one, but we're thrilled that we’re able to keep up our favorite holiday tradition of our annual HaXmas blog series.
4 min
Vulnerability Management
The Risky Business: Rapid7 Report Highlights Need for Improved Vulnerability Management Practices
Based on the assessment of 24 service protocols, Rapid7’s NICER revealed key insights about the current state of the internet.
7 min
Vulnerability Management
SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know
On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform.
3 min
Metasploit
Metasploit Wrap-Up: 12/11/20
This week's wrap-up covers five new modules (including scanner, execution, and disclosure modules), some good fixes and enhancements, and more!
2 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of etcd
In the latest edition of our NICER Protocol Deep Dive blog series, we break down the internet exposure of etcd.
2 min
InsightVM
New All Apps and Asset Report Combines Power of InsightVM and InsightAppSec for Boosted Visibility
When speaking with customers, we continue to hear that they are looking for more visibility into their vulnerability risk management activities.
5 min
Under the Hoodie
2020 Under the Hoodie Report Reveals Pen Testers’ Most-Loved Vulnerabilities
Understanding the vulnerabilities that pen testers rely on will help you make sure your organization is prepared to patch particular vulnerabilities.
3 min
Metasploit
Congrats to the Winners of the 2020 December Metasploit Community CTF
Thank you all that participated in the 2020 December Metasploit community CTF
! The four
day CTF was well received by the community, with 874 teams and 1903 users
registered! We’ve included the high-level stats and the competition winners
below. If you played the CTF and want to let the Metasploit team know which
challenges you found exhilarating, interesting, or infuriating (in a good way,
of course), we have a feedback survey