10 min
Managed Detection and Response (MDR)
Malvertising Campaign Leads to Execution of Oyster Backdoor
Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.
2 min
Velociraptor
Enhancing Velociraptor with the Cado Security Platform
Velociraptor is a robust open-source tool designed for collecting and querying forensic and incident response artifacts across various endpoints. This powerful tool allows incident responders to effortlessly gather data from remote systems, regardless of their location.
5 min
Artificial Intelligence
Securing AI Development in the Cloud: Navigating the Risks and Opportunities
With the promise of enhanced efficiency, personalization, and innovation, organizations are increasingly turning to cloud environments to develop and deploy these powerful AI and ML technologies.
2 min
Vulnerability Management
The Dreaded Network Pivot: An Attack Intelligence Story
The spiritual successor to our annual Vulnerability Intelligence Report, the AIR includes data from the Rapid7 research team combined with our detection and response and threat intelligence teams.
4 min
Emergent Threat Response
CVE-2024-24919: Check Point Security Gateway Information Disclosure
On May 28, 2024, Check Point published an advisory for CVE-2024-24919, a high-severity information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade.
2 min
Career Development
Celebrating Excellence: Joanne Guariglia and Kelly Hiscoe Recognized as CRN's 2024 Women of the Channel
We are thrilled to announce that two of our exceptional team members, Joanne Guarglia and Kelly Hiscoe, have been recognized as CRN's 2024 Women of the Channel.
10 min
Managed Detection and Response (MDR)
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack
Justice AV Solutions (JAVS) is a U.S.-based company specializing in digital audio-visual recording solutions for courtroom environments.
Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk and should take immediate action.
2 min
Research
Rapid7 Releases the 2024 Attack Intelligence Report
Today, during our Take Command Summit, we released our 2024 Attack Intelligence
Report, which pulls in expertise from our researchers, our detection and
response teams, and threat intelligence teams. The result is the clearest
picture yet of the expanding attack surface
[https://www.rapid7.com/fundamentals/attack-surface/] and the threats security
professionals face every day.
Since the end of 2020, we’ve seen a significant increase in zero-day
exploitation, ransomware attacks, and mass compro
3 min
Events
See a Sneak Peek of Tuesday’s Take Command Summit
In just a few short days, some of the best minds in cybersecurity will come
together at Take Command
[https://rapid7.brighttalk.com/?utm_source=blog&utm_medium=website&utm_content=blog-4&utm_campaign=global-mdr-take-command-summmit-prospect-eng-cyas]
to discuss the most pressing challenges and opportunities we face as an
industry. The sessions include in-depth discussions on attacker trends and
behaviors, a look into the Rapid7 SOC, top guest speakers with unique insights
into the cybersecurity
8 min
Incident Response
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Rapid7 observes ongoing social engineering campaign consistent with Black Basta
2 min
Career Development
Rapid7 Signs 100% Talent Compact with Boston Women’s Workforce Council
Rapid7 is proud to announce their signing of the 100% Talent Compact through the Boston Women’s Workforce Council (BWWC).
1 min
Events
Take Command Summit: A Message from Rapid7 Chairman and CEO, Corey Thomas
The Rapid7 Take Command Summit is just two short weeks away. We’re busy putting together one of the most impactful programs on the latest in cybersecurity trends, technology, and innovations available, and we are eager to share it with all of you.
2 min
Events
The Take Command Summit: A Stacked Agenda, and Killer Guest Speakers Coming Your Way May 21
The Take Command Summit, Rapid7’s day-long virtual summit on May 21, is bringing together some of the best minds in the cybersecurity sphere for comprehensive discussions on the latest data, challenges, and opportunities in the industry
4 min
The Business of Cybersecurity Ownership
Cyber ownership can often be overlooked or misunderstood within an organization. Responsibility and accountability should not rest solely on the CISO's shoulders.
11 min
Velociraptor
Velociraptor 0.7.2 Release: Digging Deeper than Ever with EWF Support, Dynamic DNS and More
Rapid7 is very excited to announce that version 0.7.2 of Velociraptor is now fully available for download. In this post we’ll discuss some of the interesting new features.