4 min
Artificial Intelligence
AI Trust Risk and Security Management: Why Tackle Them Now?
In the evolving world of artificial intelligence (AI), keeping our customers secure and maintaining their trust is our top priority.
8 min
Patch Tuesday
Patch Tuesday - May 2024
Zero-days in DWM, MSHTML, and Visual Studio. SharePoint critical post-auth RCE. Remote Access repatch. Mobile Broadband USB vulns.
3 min
Managed Detection and Response (MDR)
5 key MDR differentiators to look for to build stronger security resilience
Organizations looking to address the skills gap and bring greater efficiency as their business grows and their attack surface sprawls are turning to MDR providers at an accelerated pace. We’ve seen predictions from top analyst firms signaling the rapid rate of adoption of an MDR provider by 2025.
15 min
Managed Detection and Response (MDR)
Ongoing Malvertising Campaign leads to Ransomware
Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to typo squatted domains.
5 min
Gartner
Rapid7 Recognized in the 2024 Gartner® Magic Quadrant™ for SIEM
Rapid7 is excited to share that we are named a Challenger for InsightIDR in the 2024 Gartner Magic Quadrant for SIEM.
2 min
Metasploit
Metasploit Wrap-Up 05/10/2024
Password Spraying support
Multiple bruteforce/login scanner modules have been updated to support a
PASSWORD_SPRAY module option. This work was completed in pull request #19079
[https://github.com/rapid7/metasploit-framework/pull/19079] from nrathaus
[https://github.com/nrathaus] as well as an additional update from our
developers [https://github.com/rapid7/metasploit-framework/pull/19158] . When
the password spraying option is set, the order of attempted users and password
attempts are changed
8 min
Incident Response
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Rapid7 observes ongoing social engineering campaign consistent with Black Basta
2 min
Ransomware
Layered Defense to Stop Attacks Before they Begin
Ransomware has evolved from opportunistic attacks to highly orchestrated campaigns driven by cyber criminals who are seeking high financial gains.
2 min
Career Development
Rapid7 Signs 100% Talent Compact with Boston Women’s Workforce Council
Rapid7 is proud to announce their signing of the 100% Talent Compact through the Boston Women’s Workforce Council (BWWC).
1 min
Events
Take Command Summit: A Message from Rapid7 Chairman and CEO, Corey Thomas
The Rapid7 Take Command Summit is just two short weeks away. We’re busy putting together one of the most impactful programs on the latest in cybersecurity trends, technology, and innovations available, and we are eager to share it with all of you.
2 min
Metasploit
Metasploit Weekly Wrap-Up 05/03/24
Dump secrets inline
This week, our very own cdelafuente-r7 [https://github.com/cdelafuente-r7] added
a significant improvement to the well-known Windows Secrets Dump module
[https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/windows_secrets_dump.rb]
to reduce the footprint when dumping SAM hashes, LSA secrets and cached
credentials. The module is now directly reading the Windows Registry remotely
without having to dump the full registry keys to disk and parse th
2 min
Events
The Take Command Summit: A Stacked Agenda, and Killer Guest Speakers Coming Your Way May 21
The Take Command Summit, Rapid7’s day-long virtual summit on May 21, is bringing together some of the best minds in the cybersecurity sphere for comprehensive discussions on the latest data, challenges, and opportunities in the industry
4 min
The Business of Cybersecurity Ownership
Cyber ownership can often be overlooked or misunderstood within an organization. Responsibility and accountability should not rest solely on the CISO's shoulders.
11 min
Velociraptor
Velociraptor 0.7.2 Release: Digging Deeper than Ever with EWF Support, Dynamic DNS and More
Rapid7 is very excited to announce that version 0.7.2 of Velociraptor is now fully available for download. In this post we’ll discuss some of the interesting new features.
4 min
Metasploit
Metasploit Weekly Wrap-Up 04/26/24
Rancher Modules
This week, Metasploit community member h00die [https://github.com/h00die] added
the second of two modules targeting Rancher instances. These modules each leak
sensitive information from vulnerable instances of the application which is
intended to manage Kubernetes clusters. These are a great addition to
Metasploit’s coverage for testing Kubernetes environments
[https://docs.metasploit.com/docs/pentesting/metasploit-guide-kubernetes.html].
PAN-OS RCE
Metasploit also released an e