Posts tagged Research

Threat Landscape of the Building and Construction Sector, Part One: Initial Access, Supply Chain, and the Internet of Things

Threat Research

Threat Landscape of the Building and Construction Sector, Part One: Initial Access, Supply Chain, and the Internet of Things

Jeremy Makowski

Salt Typhoon APT Group: What Public Sector Leaders and Defenders Should Know

Threat Research

Salt Typhoon APT Group: What Public Sector Leaders and Defenders Should Know

Rapid7 Labs

Defend Smarter, Not Harder: The Power of Curated Vulnerability Intelligence

Products and Tools

Defend Smarter, Not Harder: The Power of Curated Vulnerability Intelligence

Stephen Fewer

Key Emerging Cybersecurity Threats and Challenges for 2025 and Beyond

Industry Trends

Key Emerging Cybersecurity Threats and Challenges for 2025 and Beyond

Jeremy Makowski

Rapid7 at Pwn2Own: Raising the Bar in Vuln Intel

Vulnerabilities and Exploits

Rapid7 at Pwn2Own: Raising the Bar in Vuln Intel

Stephen Fewer

Independent Results Confirm Rapid7’s NGAV Delivers Strong, Reliable Protection

Products and Tools

Independent Results Confirm Rapid7’s NGAV Delivers Strong, Reliable Protection

Avi Ashkenazi

Inside Russian Market: Uncovering the Botnet Empire

Threat Research

Inside Russian Market: Uncovering the Botnet Empire

Alexandra Blia, Maor Weinberger

The Business of Cybercrime: Raj Samani on Access, Ransomware, and What Comes Next

Industry Trends

The Business of Cybercrime: Raj Samani on Access, Ransomware, and What Comes Next

Rapid7

Microsoft SharePoint Zero-Day Exploitation: What Public Sector Leaders Should Know

Threat Research

Microsoft SharePoint Zero-Day Exploitation: What Public Sector Leaders Should Know

Rapid7 Labs

Rapid7 Q2 2025 Incident Response Findings

Detection and Response

Rapid7 Q2 2025 Incident Response Findings

Chris Boyd

An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life (Part 2)

Threat Research

An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life (Part 2)

Anna Katarina Quinn

Flashrom to Hexedit to Root: DEF CON 33 IoT Village Exercise

Vulnerabilities and Exploits

Flashrom to Hexedit to Root: DEF CON 33 IoT Village Exercise

Rapid7

An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life (Part 1)

Threat Research

An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life (Part 1)

Anna Katarina Quinn

Inside the Ransomware Economy in 2025: Q2 Trends & Key Insights You Need to Know

Industry Trends

Inside the Ransomware Economy in 2025: Q2 Trends & Key Insights You Need to Know

Emma Burdett

Q2 2025 Ransomware Trends Analysis: Boom and Bust

Threat Research

Q2 2025 Ransomware Trends Analysis: Boom and Bust

Chris Boyd

CVE-2025-4365/CVE-2024-12284: NetScaler Console/SDX Authenticated Arbitrary File Read/Write (FIXED)

Vulnerabilities and Exploits

CVE-2025-4365/CVE-2024-12284: NetScaler Console/SDX Authenticated Arbitrary File Read/Write (FIXED)

Calum Hutton

Konica Minolta bizhub Multifunction Printer: Pass-Back Attack Vulnerability (NOT FIXED)

Vulnerabilities and Exploits

Konica Minolta bizhub Multifunction Printer: Pass-Back Attack Vulnerability (NOT FIXED)

Deral Heiland

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Threat Research

From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains

Christiaan Beek

Scattered Spider: Rapid7 Insights, Observations, and Recommendations

Threat Research

Scattered Spider: Rapid7 Insights, Observations, and Recommendations

Rapid7 Labs

CVE-2025-6759: Citrix Virtual Apps and Desktops - Local Privilege Escalation (FIXED)

Vulnerabilities and Exploits

CVE-2025-6759: Citrix Virtual Apps and Desktops - Local Privilege Escalation (FIXED)

Brandon Fisher

Multiple Brother Devices: Multiple Vulnerabilities (FIXED)

Vulnerabilities and Exploits

Multiple Brother Devices: Multiple Vulnerabilities (FIXED)

Stephen Fewer