Posts tagged Research

5 min Russia-Ukraine Conflict

8 Tips for Securing Networks When Time Is Scarce

In light of increased cyber risk surrounding the Russia-Ukraine conflict, we’ve put together 8 tips that defenders can take right now to prepare.

4 min Research

Cloud Pentesting, Pt. 1: Breaking Down the Basics

More and more customers are looking to get a pentest done in their cloud deployment. What does that mean?

4 min Research

Graph Analysis of the Conti Ransomware Group Internal Chats

The leaked communications from the Conti ransomware group are a rich source of intelligence, and the messaging patterns provide even more insight.

5 min Vulnerability Disclosure

CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED)

On February 25, 2022, GitLab published a fix for CVE-2021-4191, a now-patched vulnerability resulting from a missing authentication check.

7 min Ransomware

Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict

On February 27, Twitter user @ContiLeaks released a trove of chat logs from the sophisticated ransomware group, Conti.

6 min Log4Shell

Log4Shell 2 Months Later: Security Strategies for the Internet's New Normal

On Wednesday, February 16, Rapid7 experts Bob Rudis, Devin Krugly, and Glenn Thorpe sat down for a webinar on the current state of the Log4j vulnerability.

4 min Public Policy

Prudent Cybersecurity Preparation for the Potential Russia-Ukraine Conflict

Fending off an attack from a well-resourced nation state is a nightmare scenario for cybersecurity teams. Here are some steps your organization can take to bolster its defenses.

14 min Research

Dropping Files on a Domain Controller Using CVE-2021-43893

On December 14, 2021, during the Log4Shell chaos, Microsoft published CVE-2021-43893, a remote privelege escalation vulnerability affecting Windows EFS.

2 min Metasploit

Metasploit Wrap-Up

Welcome, Little Hippo: PetitPotam Our very own @zeroSteiner [https://github.com/zeroSteiner] ported [https://github.com/rapid7/metasploit-framework/pull/16136] the PetitPotam [https://github.com/topotam/PetitPotam] exploit to Metasploit this week. This module leverages CVE-2021-36942 [https://attackerkb.com/topics/TEBmUAfeCs/cve-2021-36942?referrer=blog], a vulnerability in the Windows Encrypting File System (EFS) API, to capture machine NTLM hashes. This uses the EfsRpcOpenFileRaw function of t

4 min Research

Evolving How We Share Rapid7 Research Data

Our goal for Open Data has been to enable others to participate in these efforts, increasing the positive impact across the community.

4 min Threat Intel

The Big Target on Cyber Insurers' Backs

According to our research, cyber insurance providers are highly targeted in the insurance space. Find out why and what they can do to protect themselves.

3 min Ransomware

Is the Internet of Things the Next Ransomware Target?

What would it take for IoT to be the target of ransomware? This post takes a closer look.

3 min Research

Open-Source Security: Getting to the Root of the Problem

The past few weeks have shown us the importance and wide reach of open-source security.

5 min 2022 Planning

2022 Planning: Metrics That Matter and Curtailing the Cobra Effect

Creating metrics in cybersecurity is hard enough, but creating metrics that matter is a harder challenge still.

5 min Hacky Holidays 2021

Being Naughty to See Who Was Nice: Machine Learning Attacks on Santa’s List

Like many organizations with big data problems, Santa has turned to machine learning to help him sort through his naughty and nice lists.