Posts tagged Research

2 min Research

A Shifting Attack Landscape: Rapid7’s 2022 Vulnerability Intelligence Report

We’re excited to release Rapid7’s 2022 Vulnerability Intelligence Report—a deep dive into 50 of the most notable vulnerabilities our research team investigated throughout the year.

2 min Cloud Security

CIEM is Required for Cloud Security and IAM Providers to Compete: Gartner® Report

Cloud Security and IAM providers should consider prioritizing specific CIEM capabilities according to a new Gartner report.

2 min Research

A Deep Dive into Reversing CODESYS

This white paper offers a technical deep dive into PLC protocols and how to safely scan CODESYS-based ICS networking stacks.

2 min Rapid7 Culture

Rapid7 and USF: Building a diverse cybersecurity workforce is not optional

Rapid7 and the University of South Florida (USF) have announced a joint research lab aimed at increasing diversity in the cybersecurity workforce.

2 min Research

Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974

Rapid7 research has found that nearly 19,000 ESXi servers likely remain vulnerable to CVE-2021-21974, which is being exploited in the ESXiArgs campaign.

5 min Research

Evasion Techniques Uncovered: An Analysis of APT Methods

DLL search order hijacking and DLL sideloading are commonly used by nation state sponsored attackers to evade detection.

3 min Emergent Threat Response

Exploitation of GoAnywhere MFT zero-day vulnerability

A warning has been issued about an actively exploited zero-day vulnerability affecting on-premise instances of Fortra’s GoAnywhere MFT.

10 min Research

Rapid7 Observes Use of Microsoft OneNote to Spread Redline Infostealer and Qakbot Malware

Recently, Rapid7 observed malicious actors using OneNote files to deliver malicious code. This post details our findings.

4 min Open Source

Recog Release v3.0.3

Recog Release v3.0.3, which is available now, includes updated fingerprints for Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus; Atlassian Bitbucket Server; and Supervisord Supervisor.

4 min Research

Year in Review: Rapid7 Cybersecurity Research

Rapid7 is dedicated to conducting research that benefits the entire cybersecurity community. Here is a sampling of our efforts in 2022.

2 min Emergent Threat Response

CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities

On November 8, 2022, Citrix published Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516 [] announcing fixes for three vulnerabilities: * CVE-2022-27510 [] “Unauthorized access to Gateway user capabilities” * CVE-2022-27513 [

2 min DAST

New Research: Optimizing DAST Vulnerability Triage with Deep Learning

In new paper, Rapid7 data scientists outline a novel deep learning model to automatically prioritize application security vulnerabilities and reduce false positive friction.

3 min Research

New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers

We look at two of the most popular protocols used for remote administration, SSH and RDP, to get a sense of how attackers are taking advantage of weaker password management to gain access to systems.

8 min Vulnerability Disclosure

FLEXlm and Citrix ADM Denial of Service Vulnerability

Note: Updated October 20, 2022 to clarify that this bypasses CVE-2022-27512 and not CVE-2022-27511, which has a different root cause. On June 27, 2022, Citrix released an advisory [] for CVE-2022-27511 [] and CVE-2022-27512 [], which affect Citrix ADM (Application Del

7 min Vulnerability Disclosure

Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)

Rapid7 discovered vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare.