All Posts

Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations

The Rapid7 Threat Intelligence team is tracking the attacker's-eye view on Log4Shell and the related chatter on the clear, deep, and dark web.

8 min InsightVM

Using InsightVM to Find Apache Log4j CVE-2021-44228

How to use InsightVM or Nexpose to detect exposure to Log4Shell CVE-2021-44228 in your environment, plus additional detail about how our various vulnerability checks work under the hood.

3 min Emergent Threat Response

Update on Log4Shell’s Impact on Rapid7 Solutions and Systems

Like the rest of the security community, we have been internally responding to the critical remote code execution vulnerability in Apache’s log4j Java library (a.k.a. Log4Shell).

7 min Risk Management

Driver-Based Attacks: Past and Present

In our analysis of CVE-2021-21551, a write-what-where vulnerability in a Dell driver, we found that Dell’s update didn’t fix the write-what-where condition but only limited access to administrative users.

2 min Metasploit

Metasploit Wrap-Up 12/10/21

Word and Javascript are a rare duo. Thanks to thesunRider . you too can experience the wonder of this mystical duo. The sole new metasploit module this release adds a file format attack to generate a very special document. By utilizing Javascript embedded in a Word document to trigger a chain of events that slip through various Windows facilities, a session as the user who opened the document can be yours. Do you like spiders? It has been 3 years since SMB2 suppo

15 min Emergent Threat Response

Widespread Exploitation of Critical Remote Code Execution in Apache Log4j

On December 10, 2021, Apache released version 2.15.0 of their Log4j framework, which included a fix for CVE-2021-44228, a critical RCE vulnerability that is being exploited in the wild.

3 min Cloud Security

Stay Ahead of Threats With Cloud Workload Protection

Cloud workload protection (CWP) brings major structural changes to software development and enhances security across all processes.

3 min Compliance

Simplifying Complex Cybersecurity Regulations

Cybersecurity regulations often require similar baseline security practices, even though the legislation may structure compliance requirements differently.

2 min Application Security

A Dream Team-Up: Integrate InsightAppSec With ServiceNow ITSM

A brand-new integration between InsightAppSec and ServiceNow makes it easier to create tickets for vulnerability scans and remediation.

2 min Emergent Threat Response

Patch Now: SonicWall Fixes Multiple Vulnerabilities in SMA 100 Devices

On December 7, 2021, Sonicwall released a security advisory that includes patching guidance for five vulnerabilities that were discovered by Rapid7.

3 min Detection and Response

Demystifying XDR: A Forrester Analyst Lays the Foundation

We sat down with Forrester Analyst Allie Mellen to discuss extended detection and response (XDR) and how organizations can benefit from this approach.

2 min Emergent Threat Response

Oh No, Zoho: Active Exploitation of CVE-2021-44077 Allowing Unauthenticated Remote Code Execution

Zoho customers have had a huge incentive lately to keep their software up to date, as recent Zoho critical vulnerabilities have been weaponized shortly after release by advanced attackers.

4 min Ransomware

3 Strategies That Are More Productive Than Hack Back

Hack back, as used by non-government entities, is problematic for many reasons. Here are 3 alternative strategies to thwart the attackers.

2 min Metasploit

Congrats to the Winners of the 2021 Metasploit Community CTF

Thanks to everyone who participated in this year's Metasploit community CTF! In this post, we're announcing the winners.