2 min
Rapid7 Perspective
Rapid7 Acquires Leading Kubernetes Security Provider, Alcide
We at Rapid7 are happy to announce that we have acquired Alcide, a leader in Kubernetes security based in Tel Aviv, Israel.
3 min
Metasploit
Metasploit Wrap-Up: 1/29/21
Five new modules, including RCEs, arbitrary file write, and a Windows Registry check if the DementiaWheel/fanny.bmp malware exists on a target.
8 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of HTTP and HTTPS
Read on to learn more about the internet exposure of HTTP and HTTPS from our 2020 NICER Report.
1 min
Vulnerability Management
Upcoming Rapid7 Webcast: How Far Does Your VRM Strategy Go?
Web applications have been growing in complexity over the past several years, while also becoming the preferred method for attackers looking to capitalize.
4 min
News
State-Sponsored Threat Actors Target Security Researchers
On Monday, Google’s Threat Analysis Group published a blog on a widespread social engineering campaign that targeted security researchers working on vulnerability research and development.
3 min
Metasploit
Metasploit Wrap-Up: 1/22/21
A new Microsoft Windows Spooler privesc module, along with some fixes and improvements!
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of NTP
In the latest installment of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of NTP.
4 min
Public Policy
Principles for personal information security legislation
Rapid7's principles for laws to protect personal information: 1) Strong but flexible security requirements; 2) Security exemptions from privacy restrictions; 3) State preemption without undermining cybersecurity.
3 min
AWS
You Can Now Buy (And Renew) Five More Rapid7 Products Through AWS Marketplace
Learn more about our set of listings and how Marketplace might be able to help you find budget for that shiny new Rapid7 solution you’ve had your eye on.
6 min
InsightIDR
InsightIDR: 2020 Highlights and What’s Ahead in 2021
As we kick off the New Year, we wanted to highlight some key InsightIDR product investments and take a look ahead at detection and response in 2021.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 1/15/21
Commemorating the 2020 December Metasploit community CTF
A new commemorative banner has been added to the Metasploit console to celebrate
the teams that participated in the 2020 December Metasploit community CTF
and achieved 100 or more points:
If you missed out on participating in this most recent event, be sure to follow
the Metasploit Twitter and Metasploit blog
posts
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of DNS-over-TLS
In this edition of our NICER Protocol Deep Dive blog series, we'll take a closer look at the internet exposure of DNS-over-TLS.
7 min
Vulnerability Management
Patch Tuesday - January 2021
We arrive at the first Patch Tuesday of 2021 (2021-Jan
) with 83
vulnerabilities across our standard spread of products. Windows Operating
System vulnerabilities dominated this month's advisories, followed by Microsoft
Office (which includes the SharePoint family of products), and lastly some from
less frequent products such as Microsoft System Center and Microsoft SQL Server.
Vulnerability Breakdown by Software Family
FamilyVulnera
5 min
News
Update on SolarWinds Supply-Chain Attack: SUNSPOT, SUNSHUTTLE and New Malware Family Associations
New research has been published that expands the security community’s understanding of the breadth and depth of the SolarWinds attack.
3 min
Metasploit
Metasploit Wrap-Up: 1/8/21
Eight new Metasploit modules for various targets (and outcomes!), with a good set of improvements and fixes!