All Posts

Exim Vulnerability (CVE-2019-16928): Global Exposure Details and Remediation Advice

On Sept. 27, CVE-2019-16928 was promulgated, indicating all Exim versions 4.92–4.92.2 were vulnerable to a heap-based buffer overflow.

5 min Vulnerability Management

How DHS and MITRE Collaborate to Validate Vulns

In this week's podcast, we spoke with Katie Trimble of DHS and Chris Coffin of MITRE about their work with the CVE Project.

3 min Application Security

DAST vs. SAST: Which solution is better?

Security and DevOps teams seemingly have to choose between speed and security. We think there's a better way.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 9/27/19

BlueKeep is Here The BlueKeep exploit module is now officially a part of Metasploit Framework. This module reached merged status thanks to lots of collaboration between Rapid7 and the MSF community members. The module requires some manual configuration per target, and targets include both virtualized and non-virtualized versions of Windows 7 and Windows Server 2008. For a full overview of the exploit’s development and notes on use and d

1 min Penetration Testing

This One Time on a Pen Test: Our Accidental Win

In this blog, we recall one pen test where a placeholder password we put in actually worked with one login account.

3 min InsightVM

Four Ways to Improve Automated Vulnerability Management Efficiency with SOAR

In this post, we’ll cover four ways to leverage security orchestration and automation (SOAR) to improve your vulnerability management program and save time in the process.

1 min Security Strategy

How to Easily Schedule a Meeting with Rapid7 Support

Rapid7 is pleased to announce that you can now schedule a meeting with your Support Engineer with the click of a button.

1 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 9/20/19

On the correct list AppLocker and Software Restriction Policies control the applications and files that users are able to run on Windows Operating Systems. These two protections have been available to the blue team for years. AppLocker is supported on Windows 7 and above, and Software Restriction Policies is supported on Windows XP and above. Encountering either during an engagement could slow you down; however, look no further than the evasion modules for assistance. Nick Tyrer

1 min Penetration Testing

This One Time on a Pen Test: What’s in the Box?

Here is the story of how one of our penetration testers exploited ExternalBlue on a rogue access point.

5 min Cloud Infrastructure

Strategies to Secure Cloud Environments

In a recent webcast, we discussed cloud security best practices, how to avoid common pitfalls, and how to work with DevOps to get the most out of your organization’s cloud investment.

4 min Podcast

How to Drive Cybersecurity Transformation in Healthcare

On this week's episode of Security Nation, we spoke with Richard Kaufmann, the information security officer at Amedisys.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: Sep. 13, 2019

Fall is in the air, October is on the way, and it is Friday the 13th. We have a lot of updates and features that landed this week, though none are particularly spooky, and unfortunately, none are json-related…1 We recently updated our digital signing keys, and some users may have seen warnings that their Metasploit packages were not signed. We’ve fixed this as of this week—apologies for any confusion. If you are still experiencing signing issues, you may need to re-download Metasploit installer

2 min Penetration Testing

This One Time on a Pen Test: The Pizza of Doom

Here is the story of how I bypassed physical security controls by posing as a pizza delivery guy and showing up to my client site with a pizza pie.

3 min Automation and Orchestration

Automating User Provisioning and Deprovisioning with Security Orchestration, Automation, and Response (SOAR)

Here are three ways security orchestration and automation tools can streamline the user provisioning and deprovisioning process.

4 min Vulnerability Management

CVE-2019-15846 Privileged Remote Code Execution Vulnerability in the Exim Mailer: What You Need to Know

On Sept. 6, the Exim development team released a patch for CVE-2019-15846, which fixed a privileged, unauthenticated RCE weakness in its popular internet email server software.