All Posts

Metasploit Wrap-Up: Jul. 9, 2021

A new module for CVE-2021-34527, dubbed PrintNightmare, and a local privilege escalation module for NSClient++

Apple Silicon Support on Insight Agent

We are pleased to announce the general availability of native support of Apple Silicon chips for the Rapid7 Insight Agent.

15 min Detection and Response

Introducing the Manual Regex Editor in IDR’s Parsing Tool: Part 2

I will discuss here how to use Regex Editor mode, which assumes a general understanding of regular expression.

2 min InsightCloudSec

Introducing InsightCloudSec

Rapid7 is proud to announce our next step in helping to drive cloud security forward: InsightCloudSec.

8 min Vulnerability Disclosure

CVE-2020-7387..7390: Multiple Sage X3 Vulnerabilities

Four vulnerabilities involving Sage X3 were identified by Rapid7 researchers.

10 min Detection and Response

Introducing the Manual Regex Editor in IDR’s Parsing Tool: Part 1

New to writing regular expressions? No problem. In this two-part blog series, we’ll cover the basics of regular expressions and how to write regular expression statements (regex) to extract fields from your logs while using the custom parsing tool.

3 min Gartner

Rapid7 Named a Leader, 2021 Gartner Magic Quadrant for SIEM

This is the second consecutive time our SaaS SIEM—InsightIDR—has been named a Leader in this report.

2 min Detection and Response

Automated remediation level 4: Actual automation

After the previous 3 steps—where we discussed everything from logging to best practices to account hygiene—it’s time to talk about the actions that really let you calibrate and control the kind of remediation you’re looking to get out of the process.

2 min Metasploit

Metasploit Wrap-Up: 7/2/21

Containers that fail to Contain Our own Christophe De La Fuente added a module for CVE-2019-5736 based on the work of Adam Iwaniuk that breaks out of a Docker container by overwriting the runc binary of an image which is run in the user context whenever someone outside the container runs docker exec to make a request of the container. Execute an Image Please, Wordpress Community contributor Alexandre Zanni sent us a PR that uses native PHP functions to upload a file as an image attachment to Wo

8 min Emergent Threat Response

CVE-2021-34527 PrintNightmare: What You Need to Know

Vulnerability note: This blog originally referenced CVE-2021-1675, but members of the community noted the week of June 29 that the publicly available exploits that purported to exploit CVE-2021-1675 may in fact have been targeting a new vulnerability in the same function as CVE-2021-1675. This was later confirmed, and Microsoft issued a new CVE for what the research community originally thought was CVE-2021-1675. Defenders should now follow guidance and remediation information on the new vulnera

2 min Emergent Threat Response

ForgeRock Access Manager/OpenAM Pre-Auth Remote Code Execution Vulnerability (CVE-2021-35464): What You Need To Know

On June 29, 2021, researcher Michael Stepankin (@artsploit) posted details of a pre-auth remote code execution (RCE) vulnerability, CVE-2021-35464, in ForgeRock Access Manager identity and access management software that front-ends web applications and remote access solutions in many enterprises.

2 min Threat Intel

Yes, Fraudsters Can Bypass the Strong Customer Authentication (SCA) Requirement

Any new security regulation attracts the attention of fraudsters and cybercriminals. It’s safe to assume they're able to bypass SCA.

5 min

#Rapid7Life Belfast: Why I Joined

Interested in learning why these individuals chose to make a job change during these uncertain times and how Rapid7 made the decision a no-brainer? Read on to find out from a few of our Belfast-based Software Engineers!

3 min Detection and Response

Automated remediation level 3: Governance and hygiene

The best way to mold a solution that makes sense for your company and cloud security is by adding actions that cause the fewest deviations in your day-to-day operations.

5 min Application Security

3 Takeaways From The 2021 VDBIR: It’s An Appandemic

According to this year's report, small companies have pulled closer to their larger counterparts when bearing the brunt of web-application breaches and are losing ground in the time it takes to discover those breaches.