3 min
Compliance
Cloud Audit: Compliance + Automation
Today’s regulatory environment is incredibly fractured and extensive. However, deploying a cloud security posture management (CSPM) can ease the administrative burden associated with staying in compliance.
1 min
Emergent Threat Response
CVE-2022-27518: Critical Fix Released for Exploited Citrix ADC, Gateway Vulnerability
On Tuesday, December 13, 2022, Citrix published Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27518 announcing fixes for a critical unauthenticated remote code execution (RCE) vulnerability.
6 min
Vulnerability Management
Patch Tuesday - December 2022
48 new CVEs (plus 24 affecting Chromium-based Edge) published by Microsoft, including two zero-day vulnerabilities, one of which has been seen actively exploited.
4 min
Cybersecurity
Tis the Season to Be Wary: Three Holiday Shopping Scams To Watch For
The holiday season is a potential goldmine for scammers. Thankfully, if you know what to look for it's relatively easy to stay safe.
2 min
Emergent Threat Response
CVE-2022-42475: Critical Unauthenticated Remote Code Execution Vulnerability in FortiOS; Exploitation Reported
Today FortiGuard Labs published advisory FG-IR-22-398 regarding a “heap-based buffer overflow vulnerability in FortiOS SSL-VPN. FortiGuard Labs has confirmed at least one instance of the vulnerability being exploited in the wild.
1 min
Rapid7 Culture
Rapid7 Recognized as a Top Place to Work for 11th Consecutive Year
On November 30th, 2022, Rapid7 was again recognized by The Boston Globe as a Top Place to Work in Massachusetts. This marks the 11th consecutive year Rapid7 has made the list, this time coming in at #3 in the large company category.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 12/9/22
Login brute-force utility
Jan Rude added a new module that gives users the
ability to brute-force login for Linux Syncovery. This expands Framework's
capability to scan logins to Syncovery, a popular web GUI for backups.
WordPress extension SQL injection module
Cydave , destr4ct , and
jheysel-r7 contributed a new module that takes
advantage of a vulnerable WordPress extension. Thi
1 min
AWS
AWS Graviton Processor Support on Insight Agent
We are pleased to announce that the Insight Agent now supports the AWS Graviton processor. The Insight Agent supports various operating systems using the AWS Graviton processor.
5 min
XDR
2023 Cybersecurity Industry Predictions
Rapid7 has put together a webinar featuring some of Rapid7’s leading thinkers on the subject — and an important voice from a valued customer — to discuss some of the lessons learned and give their take on what 2023 will look like.
3 min
InsightIDR
About Anomalous Data Transfer detection in InsightIDR
Data exfiltration is an unauthorized movement or transfer of data occurring on an organization’s network. Identifying this cyber risk is integral to securing your organization’s network.
3 min
Vulnerability Disclosure
CVE-2022-4261: Rapid7 Nexpose Update Validation Issue (FIXED)
Nexpose version 6.6.172 fixes an issue with how Nexpose validates update packages, CVE-2022-4261.
2 min
Security Strategy
ISO 27001 Certification: What it is and why it matters
Rapid7's ISMS is ISO 27001 certified. This certification validates that our security strategy and processes meet very high standards and underscores our commitment to corporate and customer data security.
2 min
IoT
Get your head in the cloud(s)
Many organizations are in the midst of adopting the cloud faster than ever before; it’s arguably mission critical for their success and longevity.
1 min
Android
Leaked Android Platform Certificates Create Risks for Users
A new report contains 10 different platform certificates and malware sample SHA256 sums where the malware sample had been signed by a platform certificate.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 12/2/22
ProxyNotShell
This week's Metasploit release includes an exploit module for CVE-2022-41082,
AKA ProxyNotShell by DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q, Orange Tsai
, Piotr Bazydło
, Rich Warren
, Soroush Dalili
, and our very own Spencer McIntyre . The
vulnerability CVE-2022-41082, AKA ProxyNotShell is a deserialization flaw in
Microsoft Exchang