Posts tagged Research

3 min IoT

Is That Smart Home Technology Secure? Here’s How You Can Find Out.

I can’t tell you which solution will work for your specific case, but I can give you some pointers around technology security.

5 min Research

The Risks of Exposing DICOM Data to the Internet

DICOM has revolutionized the medical imaging industry. However, it also presents potential vulnerabilities when exposed to the open internet.

8 min Research

Little Crumbs Can Lead To Giants

This blog offers a deep dive into the world of Shell Link files (LNK) and Virtual Hard Disk files (VHD).

11 min Detection and Response

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers

Rapid7 has observed the Fake Browser Update lure utilizing a sophisticated new loader to execute infostealers.

2 min Research

Poorly Purged Medical Devices Present Security Concerns After Sale on Secondary Market

In Security Implications from Improper De-acquisition of Medical Infusion Pumps Rapid7 performs a physical and technical teardown of more than a dozen medical infusion pumps.

1 min Threat Intel

The Japanese Technology and Media Attack Landscape

Recently, we released a major report analyzing the threat landscape of Japan, the globe’s third largest economy. In that report we looked at the ways in which threat actors infiltrate Japanese companies (spoiler alert: it is often through foreign subsidiaries and affiliates) and some of the most pervasive threats those companies face such as ransomware and state-sponsored threat actors. We also took a look at some of the hardest hit industries and it should come as no surprise that some of the

1 min Financial Services

The Japanese Financial Services Attack Landscape

We looked at the ways in which threat actors infiltrate Japanese companies (spoiler alert: it is often through foreign subsidiaries and affiliates) and some of the most pervasive threats those companies face such as ransomware and state-sponsored threat actors.

8 min Research

Old Blackmoon Trojan, NEW Monetization Approach

Rapid7 is tracking a new, more sophisticated and staged campaign using the Blackmoon trojan, which appears to have originated in November 2022.

3 min Research

3 Key Challenges to Clarity in Threat Intelligence: 2023 Forrester Consulting Total Economic Impact™ Study

The 2023 Forrester Consulting Total Economic Impact™ Study of Threat Command looks at, among other things, the difficulties of obtaining clear threat intel.

2 min Research

Anarchy in the UK? Not Quite: A look at the cyber health of the FTSE 350

In this report, Rapid7 looked first at the overall attack surface of the FTSE 350 companies, broken down by industry.

2 min Research

A Shifting Attack Landscape: Rapid7’s 2022 Vulnerability Intelligence Report

We’re excited to release Rapid7’s 2022 Vulnerability Intelligence Report—a deep dive into 50 of the most notable vulnerabilities our research team investigated throughout the year.

3 min Cloud Security

CIEM is Required for Cloud Security and IAM Providers to Compete: Gartner® Report

Cloud Security and IAM providers should consider prioritizing specific CIEM capabilities according to a new Gartner report.

2 min Research

A Deep Dive into Reversing CODESYS

This white paper offers a technical deep dive into PLC protocols and how to safely scan CODESYS-based ICS networking stacks.

2 min Rapid7 Culture

Rapid7 and USF: Building a diverse cybersecurity workforce is not optional

Rapid7 and the University of South Florida (USF) have announced a joint research lab aimed at increasing diversity in the cybersecurity workforce.

2 min Research

Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974

Rapid7 research has found that nearly 19,000 ESXi servers likely remain vulnerable to CVE-2021-21974, which is being exploited in the ESXiArgs campaign.