Posts tagged Vulnerability Management

What Is Texas Senate Bill 820, and How Will It Affect Your School District?

In this post, we share how SB 820 will affect your school and district, and how you can respond by selecting a framework to improve your security program.

3 min Patch Tuesday

Patch Tuesday - November 2019

November's Patch Tuesday is upon us and, this month, Microsoft addressed 74 vulnerabilities of which one Internet Explorer vulnerability (CVE-2019-1429 [https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1429] ) has been seen under active exploitation. By prioritizing the released Microsoft Windows and Internet Explorer patches, the door to 58 of the 74 vulnerabilities will be closed off. Also, for the second month in a row, this Patch Tuesday sees an absent security upd

4 min InsightVM

The Anatomy of RDP Exploits: Lessons Learned from BlueKeep and DejaBlue

In this blog, we discuss lessons learned from RDP exploits such as BlueKeep and DejaBlue, and how organizations can be protected form future vulnerabilities.

4 min InsightVM

5 Steps to Go from Patch Management to Vulnerability Management

The terms “patch management” and “vulnerability management” are sometimes used interchangeably, but it is important to understand the difference.

4 min InsightVM

InsightVM vs. Managed Vulnerability Management: How to Choose Which Rapid7 Offering Is Right for You

In this blog, we explain our two vulnerability management offerings—InsightVM and our Managed Vulnerability Management Service—so you can make an informed decision about which is right for you.

2 min Patch Tuesday

Patch Tuesday - October 2019

This month's Patch Tuesday [https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/28ef0a64-489c-e911-a994-000d3a33c573] is mainly notable in that there isn't a whole lot to note, which is a change of pace. No 0-days, no vulnerabilities that had been publicly disclosed already, and nothing that could allow worms to proliferate. And nothing from Adobe [https://helpx.adobe.com/security.html]. Of course, that doesn't mean there's nothing to do: Microsoft still published 59 CVE

5 min Project Sonar

Exim Vulnerability (CVE-2019-16928): Global Exposure Details and Remediation Advice

On Sept. 27, CVE-2019-16928 was promulgated, indicating all Exim versions 4.92–4.92.2 were vulnerable to a heap-based buffer overflow.

5 min Vulnerability Management

How DHS and MITRE Collaborate to Validate Vulns

In this week's podcast, we spoke with Katie Trimble of DHS and Chris Coffin of MITRE about their work with the CVE Project.

3 min InsightVM

Four Ways to Improve Automated Vulnerability Management Efficiency with SOAR

In this post, we’ll cover four ways to leverage security orchestration and automation (SOAR) to improve your vulnerability management program and save time in the process.

4 min Vulnerability Management

CVE-2019-15846 Privileged Remote Code Execution Vulnerability in the Exim Mailer: What You Need to Know

On Sept. 6, the Exim development team released a patch for CVE-2019-15846, which fixed a privileged, unauthenticated RCE weakness in its popular internet email server software.

5 min Cloud Infrastructure

How to Set Up InsightVM in Your Google Cloud Environment

In this blog post, we’ll go over how to set up our vulnerability scanner, InsightVM in your Google Cloud and how to tweak it for your environment.

8 min AWS

Automating the Cloud: AWS Security Done Efficiently

Today, we are going to be installing software on all your existing EC2 instances across several (or all!) accounts under an organization in AWS.

2 min Patch Tuesday

Patch Tuesday - August 2019

First off, the big news for today's Patch Tuesday [https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/312890cc-3673-e911-a991-000d3a33a34d] : Microsoft has fixed four new Remote Desktop Services (RDS) vulnerabilities, reminiscent of the BlueKeep [/2019/07/31/bluekeep-cve-2019-0708-for-windows-rdp-what-you-need-to-know/] vulnerability (CVE-2019-0708 [https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708] ) that was patched last May. CVE-2019-11

2 min Vulnerability Management

August 2019 Microsoft Remote Desktop Services (RDP) Patches: What You Need to Know

A new set of vulnerabilities in RDP impact every modern version of Windows. Here's what you need to know.

3 min Vulnerability Management

BlueKeep Exploits May Be Coming: Our Observations and Recommendations

Rapid7 Labs has observed a significant uptick in malicious RDP activity since the release of CVE-2019-0708 (aka “BlueKeep”).

Posts tagged Vulnerability Management

What Is Texas Senate Bill 820, and How Will It Affect Your School District?

Patch Tuesday - November 2019

The Anatomy of RDP Exploits: Lessons Learned from BlueKeep and DejaBlue

5 Steps to Go from Patch Management to Vulnerability Management

InsightVM vs. Managed Vulnerability Management: How to Choose Which Rapid7 Offering Is Right for You

Patch Tuesday - October 2019

Exim Vulnerability (CVE-2019-16928): Global Exposure Details and Remediation Advice

How DHS and MITRE Collaborate to Validate Vulns

Four Ways to Improve Automated Vulnerability Management Efficiency with SOAR

CVE-2019-15846 Privileged Remote Code Execution Vulnerability in the Exim Mailer: What You Need to Know

How to Set Up InsightVM in Your Google Cloud Environment

Automating the Cloud: AWS Security Done Efficiently

Patch Tuesday - August 2019

August 2019 Microsoft Remote Desktop Services (RDP) Patches: What You Need to Know

BlueKeep Exploits May Be Coming: Our Observations and Recommendations

Popular Topics

Tags

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.