4 min
Vulnerability Disclosure
CVE-2021-3198 and CVE-2021-3540: MobileIron Shell Escape Privilege Escalation Vulnerabilities
Ivanti MobileIron Core versions 10.7.0.1-9 and 11.0.0.1-3 suffer from two restricted-shell escape vulnerabilities, discovered by Rapid7 researcher William Vu.
1 min
Research
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): FTSE 350
We are excited to release the second report in our Industry Cyber-Exposure Report (ICER) series, which digs into cyber-exposure among organizations in the U.K.’s FTSE 350.
3 min
Vulnerability Disclosure
CVE-2021-26908 and CVE-2021-26909: Automox Agent Information Disclosure (FIXED)
Rapid7 researcher Danny Jordan discovered two vulnerabilities in the Automox Agent for Windows and macOS.
2 min
Research
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Fortune 500
Today, Rapid7 released the first report in our all-new Industry Cyber-Exposure Report (ICER) series.
2 min
Research
Introducing the 2020 Vulnerability Intelligence Report: 50 CVEs that Made Headlines in 2020
Our 2020 Vulnerability Intelligence Report examines 50 vulnerabilities from 2020 to highlight exploitation patterns, explore attacker use cases, and offer a practical framework for understanding new threats.
8 min
National / Industry / Cloud Exposure Report (NICER)
NICER Protocol Deep Dive: Internet Exposure of HTTP and HTTPS
Read on to learn more about the internet exposure of HTTP and HTTPS from our 2020 NICER Report.
5 min
National / Industry / Cloud Exposure Report (NICER)
NICER Protocol Deep Dive: Internet Exposure of NTP
In the latest installment of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of NTP.
5 min
National / Industry / Cloud Exposure Report (NICER)
NICER Protocol Deep Dive: Internet Exposure of DNS-over-TLS
In this edition of our NICER Protocol Deep Dive blog series, we'll take a closer look at the internet exposure of DNS-over-TLS.
6 min
National / Industry / Cloud Exposure Report (NICER)
NICER Protocol Deep Dive: Internet Exposure of DNS
In this edition of our NICER Protocol Deep Dive blog series, we discuss the internet exposure of DNS.
3 min
IoT
HaXmas Hardware Hacking
This HaXmas, I decided to dig around a little in Rapid7's library of IoT investigations that never really went anywhere, just to see which tools were used.
4 min
Research
Rapid7 Labs’ 2020 Naughty List Summary Report to Santa
Your dutiful elves here at Rapid7 Labs have compiled a list of the naughty country networks being used to launch cyberattacks across the globe.
5 min
Security Strategy
UPnP With a Holiday Cheer
This blog post covers only the port forwarding services and shares a Python script you can use to start examining this service.
4 min
National / Industry / Cloud Exposure Report (NICER)
NICER Protocol Deep Dive: Internet Exposure of memcached
In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of memcached.
5 min
National / Industry / Cloud Exposure Report (NICER)
NICER Protocol Deep Dive: Internet Exposure of Microsoft SQL Server (MS SQL) (UDP/1434)
In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of Microsoft SQL Server.
1 min
Under the Hoodie
Behind the Scenes: Under the Hoodie 2020 Video Series
In this blog, we take you on a behind-the-scenes look at the making of our 2020 Under the Hoodie video series.