Back to Blog

Posts tagged Research

CVE-2020-12271: Sophos XG Firewall Pre-Auth SQL Injection Vulnerability Remediation Guidance and Exposure Overview

Vulnerabilities and Exploits

CVE-2020-12271: Sophos XG Firewall Pre-Auth SQL Injection Vulnerability Remediation Guidance and Exposure Overview

boB Rudis's avatar

boB Rudis

Meet AttackerKB

Threat Research

Meet AttackerKB

Caitlin Condon's avatar

Caitlin Condon

Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)

Detection and Response

Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)

Tom Sellers's avatar

Tom Sellers

CVE-2020-0796: Microsoft SMBv3 Remote Code Execution Vulnerability Analysis

Threat Research

CVE-2020-0796: Microsoft SMBv3 Remote Code Execution Vulnerability Analysis

Bryce Abdo's avatar

Bryce Abdo

Rapid7 2020 Threat Report: Exposing Common Attacker Trends

Threat Research

Rapid7 2020 Threat Report: Exposing Common Attacker Trends

Tod Beardsley's avatar

Tod Beardsley

How We Used Data Science Magic to Predict Key RSA 2020 Themes and Takeaways

Security Operations

How We Used Data Science Magic to Predict Key RSA 2020 Themes and Takeaways

Mark Hamill's avatar

Mark Hamill

DOUBLEPULSAR over RDP: Baselining Badness on the Internet

Threat Research

DOUBLEPULSAR over RDP: Baselining Badness on the Internet

Tom Sellers's avatar

Tom Sellers

DOUBLEPULSAR RCE 2: An RDP Story

Products and Tools

DOUBLEPULSAR RCE 2: An RDP Story

William Vu's avatar

William Vu

Active Exploitation of Citrix NetScaler (CVE-2019-19781): What You Need to Know

Threat Research

Active Exploitation of Citrix NetScaler (CVE-2019-19781): What You Need to Know

Derek Abdine's avatar

Derek Abdine

Oh, Behave! Who Made It to Rapid7 Labs' Naughty List(s) in 2019?

Threat Research

Oh, Behave! Who Made It to Rapid7 Labs' Naughty List(s) in 2019?

boB Rudis's avatar

boB Rudis

Cisco Self-Signed Certificate Expiration on Jan. 1, 2020: What You Need to Know

Threat Research

Cisco Self-Signed Certificate Expiration on Jan. 1, 2020: What You Need to Know

boB Rudis's avatar

boB Rudis

IoT Vuln Disclosure: Children's GPS Smart Watches (R7-2019-57)

Vulnerabilities and Exploits

IoT Vuln Disclosure: Children's GPS Smart Watches (R7-2019-57)

Tod Beardsley's avatar

Tod Beardsley

What a Difference a Year Makes: Revisiting Our Inaugural Fortune 500 ICER One Year Later

Threat Research

What a Difference a Year Makes: Revisiting Our Inaugural Fortune 500 ICER One Year Later

boB Rudis's avatar

boB Rudis

Rapid7 Introduces Industry Cyber-Exposure Report: Deutsche Börse Prime Standard 320

Threat Research

Rapid7 Introduces Industry Cyber-Exposure Report: Deutsche Börse Prime Standard 320

Tod Beardsley's avatar

Tod Beardsley

R7-2019-32: Denial-of-Service Vulnerabilities in Beckhoff TwinCAT PLC Environment

Threat Research

R7-2019-32: Denial-of-Service Vulnerabilities in Beckhoff TwinCAT PLC Environment

Tod Beardsley's avatar

Tod Beardsley

Open-Source Command and Control of the DOUBLEPULSAR Implant

Products and Tools

Open-Source Command and Control of the DOUBLEPULSAR Implant

William Vu's avatar

William Vu

This One Time on a Pen Test: Our Accidental Win

Threat Research

This One Time on a Pen Test: Our Accidental Win

Ted Raffle's avatar

Ted Raffle

This One Time on a Pen Test: What’s in the Box?

Threat Research

This One Time on a Pen Test: What’s in the Box?

Ted Raffle's avatar

Ted Raffle

This One Time on a Pen Test: Your Mouse Is My Keyboard

Exposure Management

This One Time on a Pen Test: Your Mouse Is My Keyboard

Rapid7's avatar

Rapid7

This One Time on a Pen Test: Nerds in the NERC

Threat Research

This One Time on a Pen Test: Nerds in the NERC

Jonathan Stines's avatar

Jonathan Stines

This One Time on a Pen Test: Missed a Spot

Threat Research

This One Time on a Pen Test: Missed a Spot

Ted Raffle's avatar

Ted Raffle