10 min
Research
Rapid7 Observes Use of Microsoft OneNote to Spread Redline Infostealer and Qakbot Malware
Recently, Rapid7 observed malicious actors using OneNote files to deliver malicious code. This post details our findings.
3 min
Detection and Response
The High Cost of Human Error In OT Systems
Nearly 80% of respondents to a recent SCADAfence survey said human error presents the greatest risk to OT control systems.
1 min
Government
Rapid7 Now Available Through Carahsoft’s NASPO ValuePoint
Rapid7’s solutions have been added to the NASPO ValuePoint Cloud Solutions contract held by Carahsoft Technology Corp. The addition of this contract enables Carahsoft and its reseller partners to provide Rapid7’s Insight platform to participating SLED institutions.
1 min
Government
Rapid7 Added to Carahsoft GSA Schedule Contract
We are happy to announce that Rapid7 has been added to Carahsoft’s GSA Schedule contract, making our suite of comprehensive security solutions widely available to Federal, State, and Local agencies through Carahsoft and its reseller partners.
4 min
Cloud Security
Cloud Security and Compliance Best Practices: Highlights From The CSA Cloud Controls Matrix
In this blog post, we’ll dive into one of the most commonly used cloud security standards for large, multi-cloud environments: the CSA Cloud Controls Matrix (CCM).
1 min
Lost Bots
[The Lost Bots] S02E06: Play “Experts or Scuttlebutt?” With Us
As the year winds down, we collected predictions that were made for 2022, and new ones for 2023. Then, we asked our Rapid7 colleagues to decide if the prediction was made by a cybersecurity expert—or if it was scuttlebutt.
1 min
Rapid7 Culture
Rapid7 Recognized as a Top Place to Work for 11th Consecutive Year
On November 30th, 2022, Rapid7 was again recognized by The Boston Globe as a Top Place to Work in Massachusetts. This marks the 11th consecutive year Rapid7 has made the list, this time coming in at #3 in the large company category.
3 min
InsightIDR
Search Made Easy: InsightIDR’s Secret Weapon for Efficiency and Efficacy
InsightIDR has lots of features that have enabled my organization to identify and respond more easily to threats. In this blog post, I’m going to share some insight into my favorite – InsightIDR’s Log Search function.
3 min
Application Security
Rapid7 Takes Home 2 Awards and a Highly Commended Recognition at the 2022 Belfast Telegraph IT Awards
Rapid7 was honored at the Belfast Telegraph's annual IT Awards on Friday, taking home a pair of awards: the coveted “Best Place to Work in IT” award in the large company category and the “Cyber Security Project of the Year” award.
2 min
Emergent Threat Response
CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities
On November 8, 2022, Citrix published Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516 [https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516] announcing fixes for three vulnerabilities:
* CVE-2022-27510 [https://nvd.nist.gov/vuln/detail/CVE-2022-27510] “Unauthorized access to Gateway user capabilities”
* CVE-2022-27513 [https://nvd.nist.gov/vuln/detai
1 min
Emergent Threat Response
Rapid7’s Impact from OpenSSL Buffer Overflow Vulnerabilities (CVE-2022-3786 & CVE-2022-3602)
CVE-2022-3786 & CVE-2022-3602 vulnerabilities affecting OpenSSL’s 3.0.x versions both rely on a maliciously crafted email address in a certificate.
1 min
Emergent Threat Response
Rapid7’s Impact from Apache Commons Text Vulnerability (CVE-2022-42889)
CVE-2022-42889 is a vulnerability in the popular Apache Commons Text library that can result in code execution when processing malicious input.
3 min
Vulnerability Management
Common questions when evolving your VM program
A recent webinar led by two of Rapid7’s leaders, Peter Scott and Cindy Stanton, explored the specific challenges of managing the evolution of risk across traditional and cloud environments.
3 min
Emergent Threat Response
CVE-2022-3786 and CVE-2022-3602: Two High-Severity Buffer Overflow Vulnerabilities in OpenSSL Fixed
The Rapid7 research team will update this blog post as we learn more details about this vulnerability and its attack surface area.
The OpenSSL [https://www.openssl.org/] project released [https://www.openssl.org/news/cl30.txt] version 3.0.7 on November 1, 2022, to address CVE-2022-3786 and CVE-2022-3602 [https://www.openssl.org/news/secadv/20221101.txt], two high-severity vulnerabilities affecting OpenSSL’s 3.0.x version stream discovered and reported by Polar Bear and Viktor Dukhovni. OpenSSL
3 min
7 Rapid Questions
7 Rapid Questions with Toshio Honda, Sr. Security Solutions Engineer
Rapid7 sat down with Senior Security Solutions Engineer, Toshio Honda, to discuss their career and time at Rapid7.