5 min
Detection and Response
3 Mistakes Companies Make in Their Detection and Response Programs
We've put together a list of the top mistakes companies make in their D&R programs, as well as tips to overcome or avoid them.
21 min
Vulnerability Disclosure
Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software
Rapid7 discovered vulnerabilities and non-security issues affecting Cisco ASA, ASDM, and FirePOWER Services Software for ASA.
2 min
Detection and Response
OCSF: Working Together to Standardize Data
Rapid7 and other security vendors are collaborating on an Open Cybersecurity Schema Framework (OCSF), an open standard for both data producers and users.
5 min
Public Policy
Navigating the Evolving Patchwork of Incident Reporting Requirements
Rapid7 is supportive of CIRCIA and cyber incident reporting, but we encourage regulators to ensure reporting rules do not impose unnecessary burdens.
11 min
Vulnerability Management
Patch Tuesday - August 2022
Microsoft has patched 141 CVEs in their August 2022 updates, including one zero-day affecting the Microsoft Windows Support Diagnostic Tool (MSDT).
3 min
Managed Detection and Response (MDR)
6 Reasons Managed Detection and Response Is Hitting Its Stride
What’s driving the move to managed detection and response? Let’s take a look at six main factors.
3 min
Career Development
How One Engineer Upskilled Into a Salesforce Engineering Role at Rapid7
When our Engineering team was searching for candidates to help with our Salesforce ecosystem, one engineer stepped up to the challenge of a new role.
4 min
Cybersecurity
No Damsels in Distress: How Media and Entertainment Companies Can Secure Data and Content
As media and entertainment companies grow their cloud footprints, they’re also opening themselves up to vulnerabilities threat actors can exploit.
3 min
Metasploit
Metasploit Weekly Wrap-Up: 8/5/22
Log4Shell in MobileIron Core
Thanks to jbaines-r7 we have yet another Log4Shell exploit. Similar to the other Log4Shell exploit modules, the exploit works by sending a JNDI string that once received by the server will be deserialized, resulting in unauthenticated remote code execution as the tomcat user. Vulnerable versions of MobileIron Core have been reported as exploited
5 min
Vulnerability Disclosure
CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE
The VMware Workspace ONE Access, Identity Manager, and vRealize Automation products contain a locally exploitable privilege escalation vulnerability.
4 min
Security Strategy
Building Cybersecurity KPIs for Business Leaders and Stakeholders
In this post, we discuss how to operationalise security into an overall strategy measured by cybersecurity KPIs.
4 min
Events
What We're Looking Forward to at Black Hat, DEF CON, and BSidesLV 2022
Here's a sneak peek of what we have planned from August 9-12 at the all-star lineup of cybersecurity sessions in Las Vegas, including Black Hat 2022.
9 min
Vulnerability Disclosure
QNAP Poisoned XML Command Injection (Silently Patched)
In researching the mystery surrounding alleged exploitation in the wild of CVE-2020-2509, we found what may be an entirely new vulnerability.
2 min
Detection and Response
The Future of the SOC Is XDR
Extended detection and response (XDR) is increasingly gaining traction across the industry.
8 min
Vulnerability Disclosure
Primary Arms PII Disclosure via IDOR (FIXED)
Primary Arms, a popular e-commerce site dealing in firearms and related merchandise, suffers from an insecure direct object reference (IDOR) vulnerability.