Posts by Rapid7

1 min Rapid7 Culture

Boston Business Journal Names Rapid7 as a Best Place to Work in Boston

On June 13th, 2024, Rapid7 was recognized by The Boston Business Journal as a Best Place to Work in Boston. This marks the 13th consecutive year Rapid7 has made the list, this time coming in at #8 in the extra large company category.
2 min Government

Rapid7 completes IRAP PROTECTED assessment for Insight Platform solutions

Rapid7 has successfully completed an Information Security Registered Assessors Program (IRAP) assessment to PROTECTED Level for several of our Insight Platform solutions.

10 min Managed Detection and Response (MDR)

Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler McGraw, Sarah Lee, and Thomas Elkins. Executive Summary On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Our investigation identified that the suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes on a Windows desktop. Installers for Notezilla, along with tools called RecentX and

4 min Managed Threat Complete

From Top Dogs to Unified Pack

Cybersecurity is as unpredictable as it is rewarding. This means you and your cyber team may find yourselves navigating a complex landscape of multi-cloud environments and evolving compliance requirements.
10 min Managed Detection and Response (MDR)

Malvertising Campaign Leads to Execution of Oyster Backdoor

Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.

2 min Velociraptor

Enhancing Velociraptor with the Cado Security Platform

Velociraptor is a robust open-source tool designed for collecting and querying forensic and incident response artifacts across various endpoints. This powerful tool allows incident responders to effortlessly gather data from remote systems, regardless of their location.
5 min Artificial Intelligence

Securing AI Development in the Cloud: Navigating the Risks and Opportunities

With the promise of enhanced efficiency, personalization, and innovation, organizations are increasingly turning to cloud environments to develop and deploy these powerful AI and ML technologies.
2 min Vulnerability Management

The Dreaded Network Pivot: An Attack Intelligence Story

The spiritual successor to our annual Vulnerability Intelligence Report, the AIR includes data from the Rapid7 research team combined with our detection and response and threat intelligence teams.
4 min Emergent Threat Response

CVE-2024-24919: Check Point Security Gateway Information Disclosure

On May 28, 2024, Check Point published an advisory for CVE-2024-24919, a high-severity information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade.

2 min Career Development

Celebrating Excellence: Joanne Guariglia and Kelly Hiscoe Recognized as CRN's 2024 Women of the Channel

We are thrilled to announce that two of our exceptional team members, Joanne Guarglia and Kelly Hiscoe, have been recognized as CRN's 2024 Women of the Channel.
10 min Managed Detection and Response (MDR)

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

Justice AV Solutions (JAVS) is a U.S.-based company specializing in digital audio-visual recording solutions for courtroom environments. Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk and should take immediate action.

2 min Research

Rapid7 Releases the 2024 Attack Intelligence Report

Today, during our Take Command Summit, we released our 2024 Attack Intelligence Report, which pulls in expertise from our researchers, our detection and response teams, and threat intelligence teams. The result is the clearest picture yet of the expanding attack surface and the threats security professionals face every day. Since the end of 2020, we’ve seen a significant increase in zero-day exploitation, ransomware attacks, and mass compromise incidents impacting many organizations worldwide.
3 min Events

See a Sneak Peek of Tuesday’s Take Command Summit

In just a few short days, some of the best minds in cybersecurity will come together at Take Command [https://rapid7.brighttalk.com/?utm_source=blog&utm_medium=website&utm_content=blog-4&utm_campaign=global-mdr-take-command-summmit-prospect-eng-cyas] to discuss the most pressing challenges and opportunities we face as an industry. The sessions include in-depth discussions on attacker trends and behaviors, a look into the Rapid7 SOC, top guest speakers with unique insights into the cybersecurity
8 min Incident Response

Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators

Rapid7 observes ongoing social engineering campaign consistent with Black Basta
2 min Career Development

Rapid7 Signs 100% Talent Compact with Boston Women’s Workforce Council

Rapid7 is proud to announce their signing of the 100% Talent Compact through the Boston Women’s Workforce Council (BWWC).

Popular Topics

Tags