Incident Response Services
Penetration Testing Services
IoT Security Services
Training & Certification
Managed Vulnerability Management
Managed Application Security
Managed Detection & Response
Find a Partner
Rapid7 Insight is your home for SecOps, equipping you with the visibility, analytics, and automation you need to unite your teams and amplify efficiency.
Insight Cloud Overview Try Now
User Behavior Analytics & SIEM
Orchestration & Automation
Need a hand with your security program? From planning and strategy to full service support, our experts have you covered.
Need immediate help with a breach?
Summer is in full swing, and while many people spend these months taking time off to travel, relax, or head to Hacker Summer Camp in the sweltering Las Vegas sun, networks are still at risk and need to be defended. In the second quarter of 2018, we continued to see high levels of activities aimed at identifying and compromising systems of interest, whether the attackers’ plan was to steal financial information or, as we see more and more, steal other sensitive information such as credentials that can be used for a variety of information based operations.
Credential theft continued:We saw a continued emphasis on credential theft and account leaks across all industries, along with an increase in remote access attempts.
Make way for RDP:In addition to Microsoft’s Server Message Block (SMB) protocol, adversaries demonstrated interest in Microsoft’s Remote Desktop Protocol (RDP), with many of the access attempts utilizing brute force methods for gaining access.
Burgeoning botnets:Botnet wranglers definitely did not take any vacation time in Q2. Our Heisenberg honeypot nodes caught numerous attempts to inventory and usurp various devices and services this quarter, including campaigns against a cadre of routers, Android debugger-enabled systems, Drupal, and WebLogic.
Register for the webcast (August 23, 2 p.m. ET/11 a.m. PT): Hear directly from the researchers on what these trends mean for the rest of 2018.