4 min
Career Development
Three Things You Can Expect as an Intern at Rapid7
Are you a university student looking to jumpstart your career and gain some experience? Rapid7 has a wide range of opportunities for you to join our herd!
9 min
Cloud Security
Augmenting Native Cloud Service Provider Security
Most organizations already have some level of cloud infrastructure services; infrastructure-as-a-service , platform-as-a-service, function-as-a-service or serverless—and as more workloads migrate to and are built on the cloud, the top cloud security concern for any organization is a data breach.
4 min
Vulnerability Management
Patch Tuesday - August 2020
120 Vulnerabilities Patched in Microsoft's August 2020 Update Tuesday (2020-Aug
Patch Tuesday)
August 2020 brings along patches for 120 vulnerabilities within the standard set
of Microsoft products (Windows, Office, Browsers, and Developer Tools such as
.NET Framework, ASP.NET, and Visual Studio). Among the crowd are two
vulnerabilities: CVE-2020-1464
, and CVE-2020-1380
3 min
Awards
Rapid7 Named a Leader in the 2020 Forrester Wave™ for Midsize Managed Security Services Providers, Q3 2020
Rapid7 is thrilled to be named a Leader in The Forrester Wave™: Midsize Managed Security Services Providers, Q3 2020!
3 min
InsightVM
What’s New in InsightVM: H1 2020 in Review
Throughout the first half of the year, we released updates and features to help security teams work more effectively and efficiently in InsightVM.
9 min
Events
Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 2 Sessions
Our Rapid7 experts attended another day of incredible talks, and have plenty of key takeaways and insights to share about their Virtual Vegas sessions.
5 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 8/7/20
Metasploit 6 initial features and active development, the 2020 open-source security meetup (OSSM), four new modules, and the longest list of enhancements and fixes we've ever written in one sitting.
9 min
Events
Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 1 Sessions
Even from home, it can be tough to catch what you want to see at Black Hat, so we had our experts do the work for you as part of our Virtual Vegas event.
3 min
Metasploit
Metasploit 6 Now Under Active Development
The Metasploit team announces active development of Metasploit Framework 6. Initial features include end-to-end encryption of Meterpreter communications, SMBv3 client support, and a new polymorphic payload generation routine for Windows shellcode.
3 min
InsightIDR
InsightIDR Now Connects to Zoom for Easy Monitoring
Zoom adoption has skyrocketed with spikes in remote working, but web application security needs to be a top priority to avoid disruptions in collaboration.
3 min
Metasploit
Metasploit Wrap-Up - July 31, 2020
SharePoint DataSet/DataTable deserialization
First up we have an exploit from Spencer McIntyre (@zeroSteiner) for
CVE-2020-1147
, a
deserialization vulnerability in SharePoint instances that was patched by
Microsoft on July 14th 2020 and which has been getting quite a bit of attention
in the news lately. This module
utilizes Steven
Seeley (@stevenseeley)'s writeup al
1 min
Metasploit
Open Source Security Meetup (OSSM): Virtual Edition
The Rapid7 Metasploit team will be hosting our annual Open Source Security Meetup (OSSM) as a virtual event Thursday, August 6th!
8 min
Cloud Security
Cloud Best Practices Every Security Professional Should Know
In part one of this series on the cloud and cloud security for security professionals, we dove into everything you’ve ever wanted to know about the cloud.
3 min
Vulnerability Management
Remote Code Execution Risks in Secomea, Moxa, and HMS eWon ICS VPN Vulnerabilities: What You Need to Know
On Wednesday, July 28, 2020, researchers at Claroty released information on a number of critical remote code execution vulnerabilities across products of three industrial control system (ICS) vendors’ — HMS, Secomea, and Moxa — remote access technologies.
3 min
Public Policy
Rapid7 statement on privacy and status of EU-US data transfers post-Schrems II
On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield in the Schrems II case (also known as Data Protection Commissioner v. Facebook Ireland and Maximillian Schrems). Here is our response.
