All Posts

14 min Research

Dropping Files on a Domain Controller Using CVE-2021-43893

On December 14, 2021, during the Log4Shell chaos, Microsoft published CVE-2021-43893, a remote privilege escalation vulnerability affecting Windows EFS.

2 min Metasploit

Metasploit Wrap-Up: Feb. 11, 2022

Welcome, Little Hippo: PetitPotam. Our very own @zeroSteiner ported the PetitPotam exploit to Metasploit this week. This module leverages CVE-2021-36942, a vulnerability in the Windows Encrypting File System (EFS) API, to capture machine NTLM hashes. This uses the EfsRpcOpenFileRaw function of t

4 min Career Development

The Forecast Is Flipped: How Rapid7 Is Flipping L&D for the Future of Work

Rapid7’s People Development team is leaning into innovation, striving to define the next best practice, and reimagining the possibilities of hybrid learning through flipped content.

4 min Research

Evolving How We Share Rapid7 Research Data

Our goal for Open Data has been to enable others to participate in these efforts, increasing the positive impact across the community.

6 min Vulnerability Management

Patch Tuesday - February 2022

February 2022's fixes from Microsoft are relatively light as far as Patch Tuesdays go.

4 min Threat Intel

The Big Target on Cyber Insurers' Backs

According to our research, cyber insurance providers are highly targeted in the insurance space. Find out why and what they can do to protect themselves.

3 min Cloud Security

Why Security in Kubernetes Isn't the Same as in Linux: Part 2

Security for Kubernetes might not be quite the same as what you're used to. This post covers the security concerns unique to Kubernetes.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: Feb. 4, 2022

A new NOP module, improvements to RPC functionality and PHP Meterpreter, and WordPress and Cisco RV exploits.

2 min Career Development

7 Rapid Questions With Our APAC Sales Manager, Soumi

For this installment of 7 Rapid Questions, we sat down with Soumi Mukherjee, APAC Sales Manager - ANZ North Sales.

6 min Detection and Response

Velociraptor Version 0.6.3: Dig Deeper With More Speed and Scalability

Velociraptor release 0.6.3 has been in the making for a few months now and has several exciting new features.

3 min Detection and Response

Demystifying XDR: Where SIEM and XDR Collide

Forrester analyst Allie Mellen shares her perspective on SIEM vs. XDR and how the two can coexist within today's SOC teams.

5 min Detection and Response

2021 Cybersecurity Superlatives: An InsightIDR Year in Review

We laughed, we cried, we added over 750 new detections.

3 min Metasploit

Metasploit Weekly Wrap-Up: Jan. 28, 2022

A new Log4Shell module for unauthenticated RCE on Ubiquiti UniFi devices, getsystem improvements, and more!

4 min Cloud Security

Why Security in Kubernetes Isn't the Same as in Linux: Part 1

Deploying your product on a Kubernetes cluster has a different security cost than on a traditional Linux server.

6 min Ransomware

How Ransomware Is Changing US Federal Policy

The increased stakes of the ransomware threat are pushing regulators to take a harder look at whether regulatory requirements for cybersecurity safeguards are effective.