3 min
Automation and Orchestration
How Security Automation Enables Business Agility
How can any organization’s security team balance these priorities in a rapidly shifting security landscape while staying agile? Automation.
3 min
Vulnerability Management
Why Most Vulnerability Management Programs Fail and What You Can Do About It
In our latest webcast, we explain why most vulnerability management programs fail and what you can do to avoid the same fate.
4 min
Vulnerability Management
Checkmate! How to Win at Vulnerability Management Using the Game of Chess
Because the mindset you use to win at chess is the same one you should strive for as an information security professional, you can learn a lot by examining its rules, players, and strategy.
4 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 2/22/19
Document ALL THE THINGS!
This release sees quite a bit of documentation added with a module doc from
bcoles and four new module docs from newer docs contributor Yashvendra
. Module docs can be viewed with info -d and are
extremely helpful for getting acquainted with a modules capabilities and
limitations. We greatly value these contributions because, while not cool h4x0r
features by themselves, each one means that fewer people have to read the code
to understand ho
3 min
Vulnerability Management
Drupal Core Remote Code Execution (CVE-2019-6340): What You Need to Know
On Wednesday, Feb. 20, 2019, the Drupal Core team provided an early-warning update for the third Drupal Core Security Alert of 2019, which has been assigned CVE-2019-6340.
6 min
IoT
[IoT Security] Introduction to Embedded Hardware Hacking
Many security professionals and researchers are intrigued by the idea of opening up and exploring embedded technologies but aren’t sure where to start.
12 min
Exploits
Stack-Based Buffer Overflow Attacks: Explained and Examples
Stack-based buffer overflow exploits are likely the shiniest and most common form of exploit for remotely taking over the code execution of a process.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 2/15/19
Crock-Pot cooking with Metasploit
Belkin's Wemo line of smart home
devices offers users a variety of internet-connected gadgets and gizmos they can
control around the home. One of those happens to be a Crock-Pot
. We went ahead and bought one.
Naturally, it made sense for us to write a module
9 min
Research
Level Up Your Internet Intelligence Using the Rapid7 Open Data API and R
Let's take a look at how you can use ropendata in R to search for available studies, download datasets, and explore the data.
2 min
Patch Tuesday
Patch Tuesday - February 2019
Microsoft got back in the swing of things today after a couple of relatively
light months, with over 70 separate CVEs
being addressed.
The usual suspects got patches, including Windows, Office, Browsers (including
Adobe Flash
),
.NET Framework, SharePoint, Exchange, and another slew of JET Database Engi
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 2/8/19
Ubiquitous Devices
Our Rapid7 Labs team pulled the thread
on some recent buzz around exploitable Ubiquiti devices, which led to a new
scanner module (
auxiliary/scanner/ubiquiti/ubiquiti_discover.rb) from jhart-r7
. This module uses a simple UDP protocol to
identify potentially exploitable Ubiquiti devices on your network, a
3 min
Incident Detection
How to Alert on Rogue DHCP Servers
How to alert on rogue DHCP servers using network traffic as a data source. We look at how you can use Wireshark or LANGuardian to detect DHCP servers.
8 min
Vulnerability Management
Understanding Ubiquiti Discovery Service Exposures
On Jan. 29, the Rapid7 Labs team was informed of a tweet by Jim Troutman indicating that Ubiquiti devices were being exploited and used to conduct denial-of-service attacks using a service on 10001/UDP.
4 min
InsightVM
Did You Remediate That? How to Integrate Vulnerability Remediation Projects with Your IT Infrastructure
Remediation projects in InsightVM enable you to follow a vulnerability remediation task from beginning to end by leveraging automation-assisted patching.
4 min
Automation and Orchestration
How Security Orchestration & Automation Can Add Immediate Value
Thanks to security orchestration and automation (SOAR), it is possible to work efficiently with the resources you already have.