All Posts

3 min Automation and Orchestration

How to Automate Phishing Investigations and Remediation

Here are four ways security orchestration and automation (SOAR) tools can streamline the phishing investigation process.

18 min Windows

Heap Overflow Exploitation on Windows 10 Explained

Heap corruption can be a scary topic. In this post, we go through a basic example of a heap overflow on Windows 10.

5 min Research

Industry Cyber-Exposure Report: FTSE 250+

Today, Rapid7 released our third Industry Cyber-Exposure Report, examining the overall exposure of the companies listed in the FTSE 250 index.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 6/7/19

Read up on how the recent community hackathon in Austin went, three new modules, and the usual long list of fixes and enhancements.

3 min Windows

Microsoft Windows RDP Network Level Authentication Bypass (CVE-2019-9510)

CERT/CC has released an advisory regarding discovered behavior in the Microsoft Windows Remote Desktop Protocol (RDP), which can allow an attacker to bypass the lock screen on some remote sessions.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 5/31/19

Unauthenticated scanner for BlueKeep, community hackathon in Austin, and the usual long list of fixes and enhancements.

7 min Application Security

Hidden Helpers: Security-Focused HTTP Headers

This blog includes real-world scenarios in which attackers can manipulate unsecured HTTP headers and how to prevent your organization from falling victim.

3 min Vulnerability Management

Why Patch Management Is Crucial for Securing Your Organization

With the deluge of assets flooding corporate networks, organizations need to have a solid patch management strategy in place.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 5/24/19

BSD love: Outside of macOS, not many people run (or run into) a BSD-flavored system very often. Even still, bcoles and space-r7 teamed up for a pair of BSD enhancements. The first, a privilege escalation, affects FreeBSD's runtime linker dealing with LD_PRELOAD in FreeBSD 7.1, 7.2, and 8.0. The next enhancement adds BSD targets to our known-credential SSH executor, which now allows BSD-specific payloads. Not wanting macOS to be left out ti

3 min InsightCloudSec

What Is Cloud Security Posture Management (CSPM)?

As the cloud grows, so too does the playing field of participants. Between infrastructure management (IaaS, PaaS, fPaaS, SaaS, RaaS) security, CI/CD, and trying to navigate all of the nuances in between, it’s difficult to keep track of what each category of tooling includes.

2 min SIEM

SIEM Delivery Models: Where Do Today’s Risks and Future Technology Lead Us?

Recently, we partnered with Ultimate IT Security to discuss the current and future state of SIEM technology, and how it’s evolving to address current risks.

9 min Vulnerability Disclosure

Investigating the Plumbing of the IoT Ecosystem (R7-2018-65, R7-2019-07) (FIXED)

Two vulnerabilities have been disclosed for Eaton's Home Lighting HALO Home Smart Lighting System and BlueCats' AA Beacon.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: May 17, 2019

Take a moment from this week's barrage of vulnerabilities in seemingly everything to see the cool stuff happening with the Metasploit team of contributors: a video interview between two greats, a new exploit module in GetSimple CMS, and a whole host of improvements.

4 min Rapid7 Culture

The Last Chip

You can learn a lot about an organization—and its leadership team—by eating chips at the airport waiting for a delayed flight.

3 min Vulnerability Management

How SOAR Is Disrupting Traditional Vulnerability Management

In a recent episode of Whiteboard Wednesday, we dive into how security orchestration, automation, and response (SOAR) is changing traditional vulnerability management.