3 min
Application Security
It’s the Summer of AppSec: Q2 Improvements to Our Industry-Leading DAST and WAAP
Summer is in full swing, and that means soaring temps, backyard grill-outs, and the latest roundup of Q2 application security improvements from Rapid7.
4 min
Career Development
Creating an Exceptional Workplace: Building and Expansion in a Post-COVID World
Rapid7 is celebrating the opening of its newly expanded and designed Reading, UK office, located in the Thames Valley District at Forbury Place.
7 min
Vulnerability Management
Patch Tuesday - July 2022
One 0-day vulnerability, four Critical RCEs, and a whole bunch of fixes for Azure Site Recovery.
5 min
Career Development
The Forecast Is Flipped: Flipping L&D to Ensure Continuous Growth
Here's how Rapid7 moved away from a one-size-fits-all approach to learning and put our Moose in the driver's seat of their development.
4 min
Cloud Security
3 Key Challenges for Cloud Identity and Access Management
Here are three of the main challenges that security teams face when implementing a cloud IAM solution, as well as some strategies to help tackle them.
7 min
Detection and Response
Rapid7 MDR Reduced Breaches by 90% via Greater Efficiency to Detect, Investigate, Respond to, and Remediate Breaches
No team can investigate every alert, but forging a valuable partnership with a an MDR provider can provide near-immediate headcount extension to your SOC.
3 min
Metasploit
Metasploit Weekly Wrap-Up: 7/8/22
DFSCoerce - Distributing more than just files
DFS (Distributed File System) is now distributing Net-NTLM credentials thanks to
Spencer McIntyre with a new
auxiliary/scanner/dcerpc/dfscoerce module that is similar to PetitPotam in how
it functions. Note that unlike PetitPotam, this technique does require a normal
domain user’s credentials to work.
The following shows the workflow for targeting a 64-bit Windows Server 2019
domain controller. Metasploit is hostin
2 min
Research
Today’s SOC Strategies Will Soon Be Inadequate
New research sponsored by Rapid7 explores the momentum behind SOC modernization and the role extended detection and response (XDR) plays.
5 min
Security Strategy
How to Build and Enable a Cyber Target Operating Model
In a recent webinar, Rapid7's EMEA CTO Jason Hart explained the journey to a targeted operating cybersecurity model.
2 min
Emergent Threat Response
Exploitation of Mitel MiVoice Connect SA CVE-2022-29499
Rapid7 MDR analysts have observed a small number of intrusions leveraging CVE-2022-29499, a data validation vulnerability in MiVoice Connect.
3 min
Ransomware
For Finserv Ransomware Attacks, Obtaining Customer Data Is the Focus
We found customer data in the overwhelming majority of data disclosures from ransomware attacks against the financial services industry.
3 min
Detection and Response
What's New in InsightIDR: Q2 2022 in Review
Here's a look at some of the latest investments we've made to InsightIDR to drive detection and response forward for your organization.
5 min
Cloud Security
Cloud Complexity Requires a Unified Approach to Assessing Risk
As organizations move to the public cloud, there is an increasing need for a security strategy that aligns with the varied states of cloud maturity.
2 min
Metasploit
Metasploit Weekly Wrap-Up: Jul. 1, 2022
SAMR Auxiliary Module
A new SAMR auxiliary module has been added that allows users to add, lookup, and
delete computer accounts from an AD domain. This should be useful for pentesters
on engagements who need to create an AD account to gain an initial foothold into
the domain for lateral movement attacks, or who need to use this functionality
as an attack primitive.
Note when using this module that there is a standard number of computers a user
can add, so be wary that you may get STATUS_DS_MACH
2 min
Career Development
Rapid7 Belfast Recognized for “Company Connection” During COVID-19 Pandemic
Irish News has recognized Rapid7 in its Workplace and Employment Awards, where we’ve taken home the trophy for Best Company Connection.