Posts tagged Research

9 min Virtual Vegas

Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 1 Sessions

Even from home, it can be tough to catch what you want to see at Black Hat, so we had our experts do the work for you as part of our Virtual Vegas event.

3 min Vulnerability Management

Remote Code Execution Risks in Secomea, Moxa, and HMS eWon ICS VPN Vulnerabilities: What You Need to Know

On Wednesday, July 28, 2020, researchers at Claroty released information on a number of critical remote code execution vulnerabilities across products of three industrial control system (ICS) vendors’ — HMS, Secomea, and Moxa — remote access technologies.

3 min Vulnerability Management

CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability: What You Need to Know

On July 22, Cisco released a patch for a high-severity read-only patch traversal vulnerability in its Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products.

2 min Research

Rapid7 Releases 2020 National / Industry / Cloud Exposure Report (NICER)

Rapid7 has just released the 2020 National / Internet / Cloud Exposure Report, affectionately called the NICER report.

3 min Vulnerability Disclosure

CVE-2020-2021 Authentication Bypass in PAN-OS Security Assertion Markup Language (SAML) Authentication Disclosed

On Monday, June 29, 2020, Palo Alto released details on CVE-2020-2021 a new, critical weakness in SAML authentication on PAN-OS devices.

7 min Research

Building a Printed Circuit Board Probe Testing Jig

In this blog, we discuss how to build a printed circuit board (PCB) probe testing jig.

2 min Quarterly Threat Report

Rapid7 Quarterly Threat Report: 2020 Q1

In this blog, we break down some of the top findings and highlights from the Rapid7 Quarterly Threat Report: 2020 Q1.

11 min Research

The Masked SYNger: Investigating a Traffic Phenomenon

At the beginning of 2020, Rapid7 and other researchers began noticing increased scanning activity against a variety of TCP ports.

4 min Vulnerability Management

May 2020 Cisco Remote Vulnerabilities Guidance

Cisco has posted patches for 34 vulnerabilities on May 6, 2020, with half a dozen that require your immediate attention.

5 min Research

CVE-2020-12271: Sophos XG Firewall Pre-Auth SQL Injection Vulnerability Remediation Guidance and Exposure Overview

On April 22, Sophos received a report documenting a suspicious field value visible in the management interface of an XG Firewall.

3 min Vulnerability Risk Management

Meet AttackerKB

Meet AttackerKB: a new community-driven resource that highlights diverse perspectives on which vulnerabilities make the most appealing targets for attackers.

7 min Microsoft

Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)

As of March 24, there were over 350,000 Microsoft Exchange servers exposing a version of the software with a vulnerability.

2 min Quarterly Threat Report

Rapid7 2020 Threat Report: Exposing Common Attacker Trends

In this blog, we break-down the three key sections of the newly-released Rapid7 2020 Threat Report.

5 min Events

How We Used Data Science Magic to Predict Key RSA 2020 Themes and Takeaways

As our team discussed our traditional RSA round-up blog, we started to wonder how easy it would be to predict those key themes before the conference even kicked off.

5 min Research

DOUBLEPULSAR over RDP: Baselining Badness on the Internet

How many internet-accessible RDP services have the DOPU implant installed? How much DOPU-over-RDP traffic do we see being sprayed across the internet?