5 min
Research
Microsoft Exchange 2010 End of Support and Overall Patching Study
Today's topic is Exchange 2010, which reaches end of support (EoS) on Oct. 13, 2020, as well as a survey of other versions of Exchange and how well they are being kept up-to-date.
6 min
Detection and Response
2021 Detection and Response Planning, Part 1: Rapid7’s Jeffrey Gardner Breaks Down How CISOs Should Approach Security Planning for the New Year
To kick off this series, we sat down with Jeffrey Gardner, a former Information Security Officer, and recently appointed Practice Advisor for our Detection and Response portfolio here at Rapid7.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-up: 9/25/20
Nine new modules, including a module for Zerologon, a new SOCKS module, some privilege escalations, and another Java deserialization exploit.
6 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of rsync
In this installment of our NICER Protocol Deep Dive blog series, we take a closer look at internet exposure of rsync.
2 min
This One Time on a Pen Test
This One Time on a Pen Test: Ain’t No Fence High Enough
In this edition of "This One Time on a Pen Test," we discuss an engagement with for an energy company with a high-fence compound.
2 min
Research
Rapid7 Releases Q2 2020 Quarterly Threat Report
It’s hard to believe it’s already the end of September, and with it comes Rapid7’s Q2 2020 Quarterly Threat Report.
2 min
InsightIDR
Define What to Parse From Logs with the Custom Parsing Tool in InsightIDR
In InsightIDR, Rapid7’s SIEM tool, customers use log data to detect malicious activity, prove compliance, and gain visibility across their network.
3 min
Metasploit
Metasploit Wrap-Up: Sep. 18, 2020
Six new modules this week, and a good group of enhancements and fixes!
6 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of SMB
In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at internet exposure of SMB.
5 min
Public Policy
A step closer to stronger federal IoT security
The US House passed the IoT Cybersecurity Improvement Act, which would require federal procurement and use of IoT devices to conform to basic security requirements.
3 min
InsightVM
Decentralize Remediation Efforts to Gain More Efficiency with InsightVM
We’re excited to introduce you to two new InsightVM product updates to help you further reduce friction, save time, and gain greater efficiency.
2 min
Penetration Testing
This One Time on a Pen Test: How I Outwitted the Vexing VPN
In this edition of "This One Time on a Pen Test," we discuss outwitting the vexing VPN.
2 min
Vulnerability Management
CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know
CVE-2020-1472 is a critical privilege escalation vulnerability that can yield an attacker full takeover of an affected network. Here's what you need to know.
3 min
Vulnerability Management
Vulnerability Remediation vs. Mitigation: What’s the Difference?
In this blog, we dive into better understanding the difference between vulnerability mitigation vs. remediation.
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of FTP/S (TCP/990)
In this installation of our NICER Protocol Deep Dive blog series, we take a look at the internet exposure of FTP/S (TCP/990).