All Posts

CVE-2022-1026: Kyocera Net View Address Book Exposure

Rapid7 researcher Aaron Herndon has discovered that several models of Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information.

4 min Awards

Rapid7 Announces Partner of the Year Awards 2022 Winners

It’s with immense pleasure that we announce the winners of the Rapid7 Partner of the Year Awards 2022.

4 min Research

Analyzing the Attack Landscape: Rapid7’s 2021 Vulnerability Intelligence Report

Rapid7’s 2021 Vulnerability Intelligence Report provides a landscape view and expert analysis of critical vulnerabilities and threats.

5 min Metasploit Weekly Wrapup

Metasploit Weekly Wrap-Up: Mar. 25, 2022

Capture Plugin Capturing credentials is a critical and early phase in the playbook of many offensive security testers. Metasploit has facilitated this for years with protocol-specific modules all under the auxiliary/server/capture. Users can start and configure each of these modules individually, but now the capture plugin can streamline the process. The capture plugin can easily start 13 different services (17 including SSL enabled versions) on the same listening IP address including remote int

4 min Russia-Ukraine Conflict

The Digital Citizen’s Guide to Navigating Cyber Conflict

In this post, we provide advice for non-security-pro digital citizens to protect themselves and, by extension, help protect their organizations.

5 min Ransomware

4 Fallacies That Keep SMBs Vulnerable to Ransomware, Pt. 1

In this two-part blog series, we will present four common mistakes SMBs make when thinking about ransomware risk.

8 min Career Development

Reflecting on Women’s History Month at Rapid7

During Women’s History Month, we invited some of our team members to share their best advice for other women in technology.

3 min Detection and Response

SIEM and XDR: What’s Converging, What’s Not

XDR aims to solve the challenges of the SIEM tool for effective detection and response to targeted attacks.

2 min Cloud Security

Rapid7 Recognized as Top Ranked in Forrester Wave™ for Cloud Workload Security

We’re excited to share that Rapid7 has been recognized as a Strong Performer in the Forrester Wave™: Cloud Workload Security, Q1 2022.

5 min Russia-Ukraine Conflict

8 Tips for Securing Networks When Time Is Scarce

In light of increased cyber risk surrounding the Russia-Ukraine conflict, we’ve put together 8 tips that defenders can take right now to prepare.

4 min Research

Cloud Pentesting, Pt. 1: Breaking Down the Basics

More and more customers are looking to get a pentest done in their cloud deployment. What does that mean?

3 min Metasploit

Metasploit Weekly Wrap-Up: Mar. 18, 2022

CVE-2022-21999 - SpoolFool Our very own Shelby Pace has added a new module for the CVE-2022-21999 SpoolFool privilege escalation vulnerability . This escalation vulnerability can be leveraged to achieve code execution as SYSTEM. This new module has successfully been tested on Windows 10 (10.0 Build 19044) and Windows Server 2019 v1809 (Build 17763.1577). CVE-2021-4191 - Gitlab GraphQL API User E

2 min InsightIDR

3 Ways to Leverage the MITRE ATT&CK Framework

The MITRE ATT&CK framework strengthens experiences within InsightIDR by providing context, evidence, and recommendations all in one place.

4 min Vulnerability Management

The VM Lifecycle: How We Got Here, and Where We’re Going

In this post, we explore the concept of a vulnerability management lifecycle, providing practical guidance and definitions.

2 min Threat Intel

Cybercriminals’ Recruiting Effort Highlights Need for Proper User Access Controls

The Lapsus$ ransomware gang’s modus operandi seems to be evolving.