All Posts

2 min Detection and Response

Automated remediation level 1: Lock down fundamentals

Ensuring visibility across teams is a critical component in a shared data set where everyone can come to the same conclusions. And if this understanding and trust between teams is achieved, then you might be ready to get into the particulars of automated remediation.

3 min Metasploit

Metasploit Wrap-Up

NSClient++: Community contributor Yann Castel has contributed an exploit module for NSClient++ which targets an authenticated command execution vulnerability. Users that are able to authenticate to the service as admin can leverage the external scripts feature to execute commands with SYSTEM level privileges. This allows the underlying server to be compromised. Castel is also working on another exploit module for NSClient++ which happens to be a local privilege escalation, so stay tuned for more N

3 min Detection and Response

Attack Surface Analysis Part 1: Vulnerability Scanning

In this three-part series, we’ll explore key considerations and strategies for choosing an attack surface analysis strategy. We’ll start with vulnerability assessment below.

1 min Security Nation

[Security Nation] Jeff Man on Mapping the MITRE ATT&CK Framework Against PCI

In this episode of Security Nation, we are joined by Jeff Man, who talks about his work mapping the MITRE ATT&CK Framework against PCI.

8 min Vulnerability Disclosure

Akkadian Provisioning Manager Multiple Vulnerabilities Disclosure

Researchers discovered a trio of vulnerabilities in the Akkadian Provisioning Manager version 4.50.18.

5 min Vulnerability Management

Patch Tuesday - June 2021

It is another low volume Patch Tuesday this month as Microsoft releases fixes for 50 vulnerabilities. This should not diminish the importance of speedily applying the updates. 6 of the vulnerabilities being patched this month are 0-days under active exploitation (CVE-2021-31955 [https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31955], CVE-2021-31956 [https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31956], CVE-2021-33739 [https://msrc.microsoft.com/updat

2 min Cloud Security

Action! Start putting automation into practice.

In our new blog series, we’ll talk about the challenges of leveraging automation and actually putting it into practice for your organization and business.

2 min Kill Chain

Kill chains: Part 2→Strategic and tactical use cases

Let’s now take a look at how you can leverage the different kill chains to overcome vulnerabilities and win the day against attackers.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Two new modules and a few enhancements and fixes, including improvements to the analyze command.

3 min Identity Access Management

All about the boundaries: The cloud IAM lifecycle approach

Implementing cloud Identity Access Management (IAM) boundaries can seem like an oxymoron in the midst of rapid growth or need for access as new personnel, teams, or supply-chain partners come online.

9 min Public Policy

Proposed security researcher protection under CFAA

Rapid7 views independent cybersecurity research and the security community as important drivers for advancing cybersecurity for all, a core value for Rapid7. One way we take action on this value is by supporting protection for security researchers acting in good faith.

2 min Public Policy

Supreme Court narrows CFAA

The Supreme Court interprets the CFAA narrowly. This avoids over-criminalizing cybersecurity research and commonplace internet activity, though it may raise concerns about insider threats.

4 min Vulnerability Disclosure

CVE-2021-3198 and CVE-2021-3540: MobileIron Shell Escape Privilege Escalation Vulnerabilities

Discovered by Rapid7 researcher William Vu, Ivanti MobileIron Core versions 10.7.0.1-9 and 11.0.0.1-3 suffer from 2 restricted-shell escape vulnerabilities.

4 min Application Security

Rapid7 Named a Visionary in 2021 Gartner Magic Quadrant for Application Security Testing

Rapid7 is excited to share that we have been recognized as a Visionary in the 2021 Gartner Magic Quadrant for Application Security Testing (AST).

3 min DevOps

Creating coefficiency: DevOps, Security, and Compliance

The ultimate goal on the security horizon is, of course, to prevent risks and misconfigurations before runtime. This won’t always happen, but teams can still get into a rhythm where runtime mistakes become the exception rather than the rule.