A Shifting Attack Landscape: Rapid7’s 2022 Vulnerability Intelligence Report
We’re excited to release Rapid7’s 2022 Vulnerability Intelligence Report—a deep dive into 50 of the most notable vulnerabilities our research team investigated throughout the year.
CIEM is Required for Cloud Security and IAM Providers to Compete: Gartner® Report
Cloud Security and IAM providers should consider prioritizing specific CIEM capabilities according to a new Gartner report.
A Deep Dive into Reversing CODESYS
This white paper offers a technical deep dive into PLC protocols and how to safely scan CODESYS-based ICS networking stacks.
Rapid7 and USF: Building a diverse cybersecurity workforce is not optional
Rapid7 and the University of South Florida (USF) have announced a joint research lab aimed at increasing diversity in the cybersecurity workforce.
Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974
Rapid7 research has found that nearly 19,000 ESXi servers likely remain vulnerable to CVE-2021-21974, which is being exploited in the ESXiArgs campaign.
Evasion Techniques Uncovered: An Analysis of APT Methods
DLL search order hijacking and DLL sideloading are commonly used by nation state sponsored attackers to evade detection.
Rapid7 Observes Use of Microsoft OneNote to Spread Redline Infostealer and Qakbot Malware
Recently, Rapid7 observed malicious actors using OneNote files to deliver malicious code. This post details our findings.
Recog Release v3.0.3
Recog Release v3.0.3, which is available now, includes updated fingerprints for Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus; Atlassian Bitbucket Server; and Supervisord Supervisor.
Year in Review: Rapid7 Cybersecurity Research
Rapid7 is dedicated to conducting research that benefits the entire cybersecurity community. Here is a sampling of our efforts in 2022.
New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers
We look at two of the most popular protocols used for remote administration, SSH and RDP, to get a sense of how attackers are taking advantage of weaker password management to gain access to systems.
FLEXlm and Citrix ADM Denial of Service Vulnerability
Note: Updated October 20, 2022 to clarify that this bypasses CVE-2022-27512 and
not CVE-2022-27511, which has a different root cause.
On June 27, 2022, Citrix released an advisory
for CVE-2022-27511 [https://nvd.nist.gov/vuln/detail/CVE-2022-27511] and
CVE-2022-27512 [https://nvd.nist.gov/vuln/detail/CVE-2022-27512], which affect
Citrix ADM (Application Del
Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)
Rapid7 discovered vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare.
Architecting for Extortion: Acting on the IST’s Blueprint for Ransomware Defense
Last month, the Institute for Security and Technology’s Ransomware Task Force launched the Blueprint for Ransomware Defense.
25 Years of Nmap: Happy Scan-iversary!
On September 1, 1997, the open-source security scanner Nmap was released. Our Director of Research Tod Beardsley reflects on the 25th anniversary.
Pushing Open-Source Security Forward: Insights From Black Hat 2022
Here's a look at two Rapid7 researchers' presentations from Black Hat 2022, and how their efforts are helping push open-source security forward.