Posts by Tom Sellers

6 min Research

For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy

When it comes to the state of patching for recent Exchange Server vulnerabilities, the picture is more incomplete than you'd think.

5 min Research

Microsoft Exchange 2010 End of Support and Overall Patching Study

Today's topic is Exchange 2010, which reaches end of support (EoS) on Oct. 13, 2020, as well as a survey of other versions of Exchange and how well they are being kept up-to-date.

7 min Microsoft

Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)

As of March 24, there were over 350,000 Microsoft Exchange servers exposing a version of the software with a vulnerability.

5 min Research

DOUBLEPULSAR over RDP: Baselining Badness on the Internet

How many internet-accessible RDP services have the DOPU implant installed? How much DOPU-over-RDP traffic do we see being sprayed across the internet?

4 min Honeypots

Apache Struts Vulnerability (CVE-2017-5638) Exploit Traffic

UPDATE - March 10th, 2017: Rapid7 added a check that works in conjunction with Nexpose's web spider functionality. This check will be performed against any URIs discovered with the suffix “.action” (the default configuration for Apache Struts apps). To learn more about using this check, read this post [https://www.rapid7.com/blog/post/2017/03/15/using-web-spider-to-detect-vulnerable-apache-struts-apps-cve-2017-5638/] . UPDATE - March 9th, 2017: Scan your network for this vulnerability [https://

6 min Rapid7 Perspective

Conflicting perspectives on the TLS 1.3 Draft

In the security industry, as in much of life, a problem we often face is that of balance. We are challenged with finding the balance between an organization's operational needs and the level of security that can be implemented. In many situations an acceptable, if less than optimal, solution can be found but there are cases where this balance cannot be achieved. I recently saw a case of this [https://mailarchive.ietf.org/arch/msg/tls/KQIyNhPk8K6jOoe2ScdPZ8E08RE/] on the mailing list of the IETF

5 min CIS Controls

Using CIS Controls To Stop Your Network From Falling in With the Wrong Crowd

Earlier this month Kyle Flaherty wrote a post [https://www.rapid7.com/blog/post/2016/10/06/rapid7-on-top-in-sans-critical-security-controls/] on the Rapid7 Community Blog about how Rapid7 came out on top for coverage of the Center for Internet Security (CIS) Top 20 Security Controls [https://www.cisecurity.org/controls]. In light of recent DDoS events I'd like to take a little time to discuss at a high level what the controls are, how they would help, and what organizations can do to improve th

9 min Project Sonar

Project Sonar Study of LDAP on the Internet

The topic of today's post is a Rapid7 Project Sonar [https://sonar.labs.rapid7.com/] study of publicly accessible LDAP services on the Internet. This research effort was started in July of this year and various portions of it continue today.  In light of the Shadowserver Foundations's recent announcement [https://ldapscan.shadowserver.org/] regarding the availability relevant reports we thought it would be a good time to make some of our results public. The study was originally intended to be a