3 min
Incident Response
Energize Your Incident Response and Vulnerability Management With Crowdsourced Automation Workflows
Bringing the spirit of open source to security workflow automation can help you detect and address breaches quickly, before they become major incidents.
4 min
Emergent Threat Response
ProxyShell: More Widespread Exploitation of Microsoft Exchange Servers
As of August 12, 2021, multiple researchers have detected widespread opportunistic scanning and exploitation of Exchange servers using the ProxyShell chain.
7 min
Emergent Threat Response
Popular Attack Surfaces, August 2021: What You Need to Know
Here’s the specific attack surface area and a few of the exploit chains we’re keeping our eye on right now.
10 min
Public Policy
Reforming the UK’s Computer Misuse Act
The CMA is the UK’s anti-hacking law, and we've provided feedback on the issues we see with the legislation.
3 min
Cloud Security
Cloud Security Glossary: Key Terms and Definitions
The cloud security experts here at Rapid7 have created a list of key terms and concepts to help you continue your journey into cloud security and DevSecOps with clarity and confidence.
6 min
Patch Tuesday
Patch Tuesday - August 2021
Hot off the press, it’s another issue of the Patch Tuesday blog! While the
number of vulnerabilities is low this month, there are a number of high risk
items administrators will want to patch right away including a few that will
require additional remediation steps. This Patch Tuesday also includes updates
for three vulnerabilities that were publicly disclosed earlier this month. Let’s
jump in.
Windows Elevation of Privilege Vulnerability aka HiveNightmare/SeriousSAM
https://msrc.microsoft.com/
11 min
Public Policy
Hack Back Is Still Wack
The appeal of hack back is easy to understand, but that doesn't make the idea workable. Here, we outline why Rapid7 is against the authorization of private-sector hack back.
2 min
Metasploit
Metasploit Wrap-Up 8/6/21
Desert heat (not the 1999 film)
This week was more quiet than normal with Black Hat USA and DEF CON, but that
didn’t stop the team from delivering some small enhancements and bug fixes! We
are also excited to see two new modules #15519
and #15520
from researcher
Jacob Baines’ DEF CON talk Bring Your Own
Print Driver Vulnerability
3 min
Events
Black Hat 2021: Rapid7 Experts Share Key Day 2 Takeaways
Here we are again, back for another day of Rapid7 expert debriefings and analysis for some of the most talked-about Black Hat sessions of this year.
8 min
Ransomware
Slot Machines and Cybercrime: Why Ransomware Won't Quit Pulling Our Lever
Ransomware remains a significant problem, partly because the incentives for everyone, including victims, are there to increase the number of ransomware attacks.
3 min
Events
Black Hat 2021: Rapid7 Experts Share Key Day 1 Takeaways
OK, no big deal, we know how this goes. Once again, many of us are attending
Black Hat in a virtual capacity as COVID-19
meanders its way out of our lives. The good news is that there’s an actual live
component again this year in Las Vegas, and that’s progress. Here’s hoping that
next year the pandemic will be more firmly in the rearview and any remaining
travel trepidation will be a “2021 thing.”
So flip the on-switch to some neon lights if you got ‘em, and l
5 min
Emergent Threat Response
PetitPotam: Novel Attack Chain Can Fully Compromise Windows Domains
Late last month (July 2021), security researcher Topotam published a proof-of-concept (PoC) implementation of a novel NTLM relay attack christened “PetitPotam.”
7 min
Ransomware
The Ransomware Task Force: A New Approach to Fighting Ransomware
The Institute for Security and Technology put together a comprehensive Ransomware Task Force (RTF) to identify new approaches to shift the dynamics of ransomware and reduce opportunities for attackers.
1 min
Lost Bots
[The Lost Bots] Episode 2: Extended Detection and Response (XDR)
In this second episode, Jeffrey sits down with Dan Martin, a lead product manager for our platform at Rapid7, to discuss Extended Detection and Response (XDR).
4 min
InsightAppSec
3 Steps to Integrate Rapid7 Products Into the DevSecOps Cycle
In this post, we’ll take a closer look at how to integrate security tools into the various phases of the DevSecOps cycle. We’ll focus here on Rapid7 tools like InsightVM, InsightAppSec and InsightOps; the same principles apply to integrating other open-source security tools into the process.