9 min
Threat Intel
The Top 5 Russian Cyber Threat Actors to Watch
These 5 threat actors are identified by our Threat Intelligence Research team as the most likely (i.e., highest risk) to carry out cyberattacks against European and US companies.
5 min
Vulnerability Disclosure
CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED)
On February 25, 2022, GitLab published a fix for CVE-2021-4191, a now-patched vulnerability resulting from a missing authentication check.
2 min
Application Security
InsightAppSec GitHub Integration Keeps Risky Code From Reaching Production
The new GitHub Actions integration in InsightAppSec allows security and development teams to automate DAST as part of the CI/CD build pipeline workflow.
7 min
Ransomware
Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict
On February 27, Twitter user @ContiLeaks released a trove of chat logs from the sophisticated ransomware group, Conti.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 2/25/22
Exchange RCE
Exchange remote code execution vulnerabilities are always valuable exploits to have. This week Metasploit added an exploit for an authenticated RCE in Microsoft Exchange servers 2016 and server 2019 identified as CVE-2021-42321. The flaw leveraged by the exploit exists in a misconfigured denylist that failed to prevent a serialized blob from being loaded resulting in code execution. While this is an authenticate
1 min
Emerging Threats
Russia/Ukraine Conflict: What Is Rapid7 Doing to Protect My Organization?
Rapid7 is monitoring the escalating conflict in Ukraine. To assist with your preparation and response efforts, Rapid7 is constantly making efforts to better protect our customers.
5 min
Emerging Threats
Staying Secure in a Global Cyber Conflict
Now that Russia has begun its armed invasion of Ukraine, we should expect increasing risks of cybersecurity attacks and incidents, either as spillover from cyberattacks targeting Ukraine or direct attacks against actors supporting Ukraine.
3 min
Detection and Response
Demystifying XDR: How Curated Detections Filter Out the Noise
Forrester Analyst Allie Mellen chats with Rapid7's Sam Adams about how curated detections in XDR fight false positives.
5 min
Threat Intel
For Health Insurance Companies, Web Apps Can Be an Open Wound
Misconfigured web apps can leave your defenses wide open. Here's how health insurance providers can harden their web app security and protect their data.
1 min
InsightIDR
This CISO Isn’t Real, But His Problems Sure Are
The odds are stacked against this poor guy (and you) now – but a unified Extended Detection and Response (XDR) and SIEM restacks them in your favor.
3 min
Metasploit
Metasploit Weekly Wrap-Up: 2/18/22
Nagios XI web shell upload module
New this week is a Nagios Web Shell Upload module from Rapid7's own Jake Baines, which exploits CVE-2021-37343. This module builds upon the existing Nagios XI scanner written
5 min
Vulnerability Management
What's New in InsightVM and Nexpose: Q4 2021 in Review
As we enter into the new year, we wanted to provide a recap of product releases and features in InsightVM and Nexpose for Q4 2021.
6 min
Log4Shell
Log4Shell 2 Months Later: Security Strategies for the Internet's New Normal
On Wednesday, February 16, Rapid7 experts Bob Rudis, Devin Krugly, and Glenn Thorpe sat down for a webinar on the current state of the Log4j vulnerability.
6 min
Cloud Security
Cloud Security and Compliance: The Ultimate Frenemies of Financial Services
Here are four ways finserv companies can embrace the love-hate relationship with cloud security and compliance while effectively navigating the need to maintain pace with today's rapid rate of change.
5 min
Cloud Security
The Future of Finserv Security: Cloud Expert and Former CISO Anthony Johnson Weighs In
Former CISO Anthony Johnson talks about the latest developments in finserv security and how these developments are being received within the industry.