All Posts

Metasploit Wrap-Up - July 31, 2020

SharePoint DataSet/DataTable deserialization First up we have an exploit from Spencer McIntyre (@zeroSteiner) for CVE-2020-1147 , a deserialization vulnerability in SharePoint instances that was patched by Microsoft on July 14th 2020 and which has been getting quite a bit of attention in the news lately. This module utilizes Steven Seeley (@stevenseeley)'s writeup al

1 min Metasploit

Open Source Security Meetup (OSSM): Virtual Edition

The Rapid7 Metasploit team will be hosting our annual Open Source Security Meetup (OSSM) as a virtual event Thursday, August 6th!

8 min Cloud Security

Cloud Best Practices Every Security Professional Should Know

In part one of this series on the cloud and cloud security for security professionals, we dove into everything you’ve ever wanted to know about the cloud.

3 min Vulnerability Management

Remote Code Execution Risks in Secomea, Moxa, and HMS eWon ICS VPN Vulnerabilities: What You Need to Know

On Wednesday, July 28, 2020, researchers at Claroty released information on a number of critical remote code execution vulnerabilities across products of three industrial control system (ICS) vendors’ — HMS, Secomea, and Moxa — remote access technologies.

3 min Public Policy

Rapid7 statement on privacy and status of EU-US data transfers post-Schrems II

On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield in the Schrems II case (also known as Data Protection Commissioner v. Facebook Ireland and Maximillian Schrems). Here is our response.

3 min InsightConnect

Plugin Development Made Easy With Rapid7

The Rapid7 Integrations Team is focused on making plugin development an easy process for all security practitioners, not just those with a programming background.

4 min Vulnerability Management

Hear from Your Peers: Advice for Your First 90 Days Using a Vulnerability Management Solution

In a recent survey with InsightVM customers, we asked them to share their best tips for the first 90 days of using a vulnerability management solution.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 7/24/20

Yes, it’s a huge enterprise vulnerability week (again) For our 100th release since the release of 5.0 18 months ago, our own zeroSteiner got us a nifty module for the SAP "RECON" vulnerability affecting NetWeaver version 7.30 to 7.50. It turns out those versions will allow anyone to create a

3 min Rapid7 Culture

#Rapid7Life in a Remote World: Building the Bridge While We Cross

Upon news of our temporarily closed global office spaces to ensure employee health and safety, we made the quantum leap to a remote world and workplace.

3 min Vulnerability Management

CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability: What You Need to Know

On July 22, Cisco released a patch for a high-severity read-only patch traversal vulnerability in its Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products.

4 min InsightIDR

What’s New in InsightIDR: H1 2020 in Review

This post offers a closer look at select highlights of what’s new in InsightIDR, our cloud-based SIEM tool, from the first half of 2020.

5 min InsightVM

Q&A from June 2020 Customer Webcast on InsightVM Custom Policy Builder

During our most recent webcast on InsightVM's Custom Policy Builder, we received a lot of great questions from attendees.

6 min InsightIDR

Defense in Depth Using Deception Technology in InsightIDR

Today, we are diving into the four pieces of deception technology that Rapid7 offers through our incident detection and response tool, InsightIDR.

2 min Metasploit

Metasploit Wrap-Up: 7/17/20

Plex unpickling The exploit/windows/http/plex_unpickle_dict_rce module by h00die exploits an authenticated Python deserialization vulnerability in Plex Media Server. The module exploits the vulnerability by creating a photo library and uploading a Dict file containing a Python payload to the library’s path. Code execution is then achieved by triggering the plugin loading functionality, which unpickles the Dic

4 min InsightConnect

How to Operationalize Threat Response from Chat Using InsightConnect

With InsightConnect, Rapid7’s SOAR tool, you can take action against alerts, threats, and vulnerable hosts directly from your existing communication tools.