3 min
Detection and Response
Automated remediation level 3: Governance and hygiene
The best way to mold a solution that makes sense for your company and cloud security is by adding actions that cause the fewest deviations in your day-to-day operations.
5 min
Application Security
3 Takeaways From The 2021 VDBIR: It’s An Appandemic
According to this year's report, small companies have pulled closer to their larger counterparts when bearing the brunt of web-application breaches and are losing ground in the time it takes to discover those breaches.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: Jun. 25, 2021
Three fresh modules for Cisco targets and rConfig, plus new enhancements and fixes.
3 min
Security Strategy
Kill Chains: Part 3→What’s next
As the final entry in this blog series, we want to quickly recap what we have previously discussed and also look into the possible future of kill chains.
3 min
Threat Intel
The CISO as an Ethical Leader: Building Accountability Into Cybersecurity
It’s important that cybersecurity leaders reinforce ethical practices in guarding against data loss.
2 min
Detection and Response
CVE-2021-20025: SonicWall Email Security Appliance Backdoor Credential
The virtual, on-premises version of the SonicWall Email Security Appliance ships with an undocumented, static credential, which can be used by an attacker to gain root privileges on the device.
3 min
Public Policy
Rapid7 Joins Statement On DMCA Lawsuits Against Security Tools
Rapid7 joined a statement from cybersecurity community members urging against suppression of security tools and technologies using Section 1201 of the DMCA.
4 min
Vulnerability Management
InsightVM Release Announcement: Global Dashboard Filters
InsightVM users have been able to create dashboards, add different visualizations in the form of cards and apply filters to these cards. Rapid7 also provided dashboard templates which enabled users to create views focusing on scenarios
4 min
Attack Surface Security
Attack Surface Analysis Part 3: Red and Purple Teaming
This is the third and final installment in our 2021 series around attack surface analysis. In this installment I’ll detail the final 2 analysis techniques—red and purple teaming.
2 min
Detection and Response
Automated remediation level 2: Best practices
When it comes to automating remediation, the second level we’ll discuss takes a bit of additional planning. This is so that users will see little to no impact in the account fundamentals automation process.
3 min
Metasploit
Metasploit Wrap-Up: 6/18/21
New Emby version scanner, IPFire authenticated RCE, HashiCorp Nomad RCE, Microsoft SharePoint unsafe control and ViewState RCE.
2 min
Research
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Deutsche Börse Prime Standard
Rapid7 just released the third in our Industry Cyber-Exposure Report (ICER) series. We've slimmed down our research and reporting style, and this series focuses on five areas we believe that CISOs at mega-corporations actually have a shot at accomplishing.
6 min
Penetration Testing
Attack Surface Analysis Part 2: Penetration Testing
In this three-part series, we’ll explore key considerations and strategies for choosing an attack surface analysis strategy, and the ways it can be used to increase awareness of both technical and process-related risks.
2 min
Detection and Response
Automated remediation level 1: Lock down fundamentals
Ensuring visibility across teams is a critical component in a shared data set where everyone can come to the same conclusions. And if this understanding and trust between teams is achieved, then you might be ready to get into the particulars of automated remediation.
3 min
Metasploit
Metasploit Wrap-Up: 6/11/21
NSClient++
Community contributor Yann Castel has contributed an exploit module for NSClient++ which targets an authenticated command execution vulnerability. Users that are able to authenticate to the service as admin can leverage the external scripts feature to execute commands with SYSTEM level privileges. This allows the underlying server to be compromised. Castel is also working on another exploit module for NSClient++ which happens to be a local privilege escalation so stay tuned for more N