4 min
Emergent Threat Response
Trojan Source CVE-2021-42572: No Panic Necessary
What is this thing?
Researchers at the University of Cambridge and the University of Edinburgh
recently published a paper on
an attack technique they call “Trojan Source.” The attack targets a weakness in
text-encoding standard Unicode—which allows computers to handle text across many
different languages—to trick compilers into emitting binaries that do not
actually match the logic visible in source code. In other words, what a
developer or secu
6 min
IoT
Hands-On IoT Hacking: Rapid7 at DefCon 29 IoT Village, Part 3
The goal in this next phase of the IoT hacking exercise is to turn the console back on.
4 min
Detection and Response
Building Threat-Informed Defenses: Rapid7 Experts Share Their Thoughts on MITRE ATT&CK
Three members of Rapid7's Managed Detection and Response team tell us about their firsthand experience MITRE's ATT&CK Matrix for Enterprise.
4 min
InsightVM
InsightVM Scan Diagnostics: Troubleshooting Credential Issues for Authenticated Scanning
Scan Diagnostics will report a “vulnerable” result against assets when the Scan Engine is supplied with credentials but unable to gather local information.
2 min
Cloud Security
A Matter of Perspective: Agent-Based and Agentless Approaches to Cloud Security, Part 2
Neither the agent-based nor agentless cloud security approach is better than the other. In some cases, it could be beneficial to leverage both.
3 min
InsightAppSec
Solving the Access Goldilocks Problem: RBAC for InsightAppSec Is Here
Role-Based Access Control (RBAC) lets you flexibly provide the right levels of access to InsightAppSec for each role on your security team.
2 min
Emergent Threat Response
GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild
Patches have been available for GitLab CVE-2021-22205 since April 2021, but analysis suggests a large number of instances are still vulnerable.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: Oct. 29, 2021
Modules for Apache Server, Sophos UTM, the OMIgod RCE, and more. Plus, support for reverse port forwarding via established SSH sessions.
12 min
Malware
Infostealer Malware Masquerades as Windows Application
Rapid7's Managed Detection and Response (MDR) team recently identified a malware campaign whose payload installs itself as a Windows application.
6 min
Research
Hands-On IoT Hacking: Rapid7 at DefCon IoT Village, Part 2
In part 2 of our series on Rapid7's IoT hacking exercise from DefCon 29, we look at how to determine whether the header we created is UART.
3 min
Rapid7 Culture
Rapid7 Announces Tampa Office Opening
We're thrilled to announce that Rapid7 is expanding its US office footprint with the opening of our newest location in Tampa, Florida.
2 min
Emergent Threat Response
NPM Library (ua-parser-js) Hijacked: What You Need to Know
For approximately 4 hours on Friday, October 22, 2021, the widely used NPM package ua-parser-js was embedded with a malicious script.
3 min
Research
Recog: Data Rules Everything Around Me
Rapid7 has updated the recog framework to help solve the conundrum of content versus code.
5 min
Risk Management
2022 Planning: Designing Effective Strategies to Manage Supply Chain Risk
Rapid7 experts spoke with a group of industry panelists about the challenges of supply chain security and how their organizations are tackling them.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 10/22/21
Metasploit's first modules targeting Kubernetes, plus Windows support for exploiting Confluence Server CVE-2021-26084.