Back to Blog

Posts tagged Research

Exploitation of GoAnywhere MFT zero-day vulnerability

Threat Research

Exploitation of GoAnywhere MFT zero-day vulnerability

Caitlin Condon's avatar

Caitlin Condon

Rapid7 Observes Use of Microsoft OneNote to Spread Redline Infostealer and Qakbot Malware

Industry Trends

Rapid7 Observes Use of Microsoft OneNote to Spread Redline Infostealer and Qakbot Malware

Rapid7's avatar

Rapid7

Recog Release v3.0.3

Threat Research

Recog Release v3.0.3

Matthew Kienow's avatar

Matthew Kienow

Year in Review: Rapid7 Cybersecurity Research

Threat Research

Year in Review: Rapid7 Cybersecurity Research

Tom Caiazza's avatar

Tom Caiazza

CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities

Threat Research

CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities

Rapid7's avatar

Rapid7

New Research: Optimizing DAST Vulnerability Triage with Deep Learning

Threat Research

New Research: Optimizing DAST Vulnerability Triage with Deep Learning

Tom Caiazza's avatar

Tom Caiazza

New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers

Threat Research

New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers

Tod Beardsley's avatar

Tod Beardsley

FLEXlm and Citrix ADM Denial of Service Vulnerability

Threat Research

FLEXlm and Citrix ADM Denial of Service Vulnerability

Ron Bowes's avatar

Ron Bowes

Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)

Detection and Response

Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)

Deral Heiland's avatar

Deral Heiland

Architecting for Extortion: Acting on the IST’s Blueprint for Ransomware Defense

Threat Research

Architecting for Extortion: Acting on the IST’s Blueprint for Ransomware Defense

Erick Galinkin's avatar

Erick Galinkin

25 Years of Nmap: Happy Scan-iversary!

Exposure Management

25 Years of Nmap: Happy Scan-iversary!

Tod Beardsley's avatar

Tod Beardsley

Pushing Open-Source Security Forward: Insights From Black Hat 2022

Products and Tools

Pushing Open-Source Security Forward: Insights From Black Hat 2022

Jesse Mack's avatar

Jesse Mack

Are Your Apps Exposed? Know Faster With Application Discovery in InsightAppSec

Products and Tools

Are Your Apps Exposed? Know Faster With Application Discovery in InsightAppSec

Ronan McCrory's avatar

Ronan McCrory

Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software

Vulnerabilities and Exploits

Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software

Jake Baines's avatar

Jake Baines

CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE

Threat Research

CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE

Spencer McIntyre's avatar

Spencer McIntyre

What We're Looking Forward to at Black Hat, DEF CON, and BSidesLV 2022

Threat Research

What We're Looking Forward to at Black Hat, DEF CON, and BSidesLV 2022

Jesse Mack's avatar

Jesse Mack

QNAP Poisoned XML Command Injection (Silently Patched)

Exposure Management

QNAP Poisoned XML Command Injection (Silently Patched)

Jake Baines's avatar

Jake Baines

Primary Arms PII Disclosure via IDOR (FIXED)

Threat Research

Primary Arms PII Disclosure via IDOR (FIXED)

Tod Beardsley's avatar

Tod Beardsley

To Maze and Beyond: How the Ransomware Double Extortion Space Has Evolved

Exposure Management

To Maze and Beyond: How the Ransomware Double Extortion Space Has Evolved

Tom Caiazza's avatar

Tom Caiazza

Today’s SOC Strategies Will Soon Be Inadequate

Security Operations

Today’s SOC Strategies Will Soon Be Inadequate

Dina Durutlic's avatar

Dina Durutlic

For Finserv Ransomware Attacks, Obtaining Customer Data Is the Focus

Industry Trends

For Finserv Ransomware Attacks, Obtaining Customer Data Is the Focus

Tom Caiazza's avatar

Tom Caiazza