2 min
Metasploit
Metasploit Wrap-Up: 8/21/20
Setting module options just got easier!
Rapid7's own Dean Welch added a new option
to framework called
RHOST_HTTP_URL, which allows users to set values for multiple URL components,
such as RHOSTS, RPORT, and SSL, by specifying a single option value. For
example, instead of typing set RHOSTS example.com, set RPORT 5678, set SSL true,
you can now accomplish the same thing with the command set RHOST_HTTP_URL
7 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of Telnet Services
In the first installment of our NICER Protocol Deep Dive blog series, we cover internet exposure of Telnet services.
5 min
InsightVM
Automated External Sonar Scanning Workflow with InsightVM
In this blog post, we discuss an external scanning strategy that you will want to implement with your InsightVM deployment.
4 min
Career Development
Join Team Moose: Become a Rapid7 BDR
The Business Development Representative (BDR) program at Rapid7 is an entry-level program that develops our next generation of successful sales professionals.
2 min
InsightConnect
Stop Attackers in Their Tracks with Insight Agent Quarantine
Rapid7’s Insight Agent is lightweight software you can install on any asset—in the cloud or on-premises—to collect data from across your environment.
2 min
Metasploit
Metasploit Wrap-Up: 8/14/20
vBulletin strikes again
This week saw another vBulletin exploit released by returning community member
Zenofex. This exploit module allows an unauthenticated attacker to run arbitrary
PHP code or operating system commands on affected versions of the vBulletin web
application. The vulnerability, which was also discovered by Zenofex, is
identified as CVE-2020-7373
and is
effectively a bypass for a previously patched vulnerabili
3 min
SIEM
Data Ingestion and Data Digestion: What SIEM Log Consumption Tells Us About Modern Attack Patterns
From endpoints and VPN networks to cloud applications, the modern attack surface has expanded—but does your solution stack reflect this?
4 min
Career Development
Three Things You Can Expect as an Intern at Rapid7
Are you a university student looking to jumpstart your career and gain some experience? Rapid7 has a wide range of opportunities for you to join our herd!
9 min
Cloud Security
Augmenting Native Cloud Service Provider Security
Most organizations already have some level of cloud infrastructure services; infrastructure-as-a-service , platform-as-a-service, function-as-a-service or serverless—and as more workloads migrate to and are built on the cloud, the top cloud security concern for any organization is a data breach.
4 min
Vulnerability Management
Patch Tuesday - August 2020
120 Vulnerabilities Patched in Microsoft's August 2020 Update Tuesday (2020-Aug
Patch Tuesday)
August 2020 brings along patches for 120 vulnerabilities within the standard set
of Microsoft products (Windows, Office, Browsers, and Developer Tools such as
.NET Framework, ASP.NET, and Visual Studio). Among the crowd are two
vulnerabilities: CVE-2020-1464
, and CVE-2020-1380
3 min
Awards
Rapid7 Named a Leader in the 2020 Forrester Wave™ for Midsize Managed Security Services Providers, Q3 2020
Rapid7 is thrilled to be named a Leader in The Forrester Wave™: Midsize Managed Security Services Providers, Q3 2020!
3 min
InsightVM
What’s New in InsightVM: H1 2020 in Review
Throughout the first half of the year, we released updates and features to help security teams work more effectively and efficiently in InsightVM.
9 min
Events
Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 2 Sessions
Our Rapid7 experts attended another day of incredible talks, and have plenty of key takeaways and insights to share about their Virtual Vegas sessions.
5 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 8/7/20
Metasploit 6 initial features and active development, the 2020 open-source security meetup (OSSM), four new modules, and the longest list of enhancements and fixes we've ever written in one sitting.
9 min
Events
Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 1 Sessions
Even from home, it can be tough to catch what you want to see at Black Hat, so we had our experts do the work for you as part of our Virtual Vegas event.