All Posts

4 min Cybersecurity

4 Strategies to Help Your Cybersecurity Budget Work Harder

Cybersecurity is a growing concern for organisations across all industries, and budget requests are increasing as a result.

1 min Emergent Threat Response

CVE-2022-27511: Citrix ADM Remote Device Takeover

On Monday, June 14, 2022, Citrix published an advisory on CVE-2022-27511, a critical improper access control vulnerability affecting their ADM product.

5 min Events

Security Is Shifting in a Cloud-Native World: Insights From RSAC 2022

Here's a closer look at what two Rapid7 presentations from RSAC 2022 had to say about security in a cloud-native world.

4 min Ransomware

New Report Shows What Data Is Most at Risk to (and Prized by) Ransomware Attackers

"Pain Points: Ransomware Data Disclosure Trends" reveals a story of how ransomware attackers think, what they value, and how they apply pressure.

3 min Ransomware

Complimentary GartnerⓇ Report "How to Respond to the 2022 Cyberthreat Landscape": Ransomware Edition

The complimentary GartnerⓇ report "How to Respond to the 2022 Cyberthreat Landscape" will help you understand and defend against the ransomware threat.

6 min Patch Tuesday

Patch Tuesday - June 2022

Patches for Follina, more NFS and LDAP vulnerabilities, and the beginning of the end for IE11.

3 min Vulnerability Disclosure

CVE-2022-32230: Windows SMB Denial-of-Service Vulnerability (FIXED)

With CVE-2022-32230, a remote and unauthenticated attacker can trigger a denial-of-service condition on Microsoft Windows Domain Controllers.

5 min Events

Defending Against Tomorrow's Threats: Insights From RSAC 2022

Here's a closer look at what some Rapid7 experts who presented at RSAC 2022 had to say about staying ahead of attackers in the months to come.

2 min Metasploit

Metasploit Weekly Wrap-Up

A Confluence of High-Profile Modules: This release features modules covering the Confluence remote code execution bug CVE-2022-26134 and the hotly-debated CVE-2022-30190, a file format vulnerability in the Windows Operating System accessible through malicious documents. Both have been all over the news, and we’re very happy to bring them to you so that you can verify mitigations and patches in your infrastructure. If you’d like to read more about these vulnerabilities, Rapid7 has AttackerKB analy

2 min Events

[VIDEO] An Inside Look at the RSA 2022 Experience From the Rapid7 Team

We asked four Rapid7 team members to tell us a little bit about their RSAC 2022 experience.

9 min Metasploit

Announcing Metasploit 6.2

Metasploit 6.2.0 has been released, marking another milestone that includes new modules, features, improvements, and bug fixes.

1 min Security Nation

[Security Nation] Phillip Maddux on HoneyDB, the Open-Source Honeypot Data Project

In this episode, Jen and Tod chat with Phillip Maddux about HoneyDB, a site that collates data from honeypots around the world in an open-source format.

4 min Cloud Security

Identifying Cloud Waste to Contain Unnecessary Costs

Cloud environments often increase complexity, which can make managing costs in the cloud more difficult.

4 min Research

The Hidden Harm of Silent Patches

Silent patches limit who understands how to exploit a vulnerability, which sounds like a great plan — but there's a catch.

3 min Research

Evaluating the Security of an Enterprise IoT Deployment at Domino's Pizza

Recently, I had a great opportunity to work with Domino's Pizza to evaluate an internally conceived Internet of Things (IoT)-based business solution.