4 min
Events
More SNMP Information Leaks: CVE-2014-4862 and CVE-2014-4863
Today, Rapid7 would like to disclose a pair of newly discovered vulnerabilities
around consumer and SOHO-grade cable modems, the Arris DOCSIS 3.0 (aka,
Touchstone cable modems) and Netmaster Wireless Cable Modems. Both exposures
were discovered by Rapid7's Deral Percent_X [https://twitter.com/Percent_X]
Heiland and independent researcher Matthew Kienow. The duo plan to discuss these
and other common vulnerabilities and configuration issues at DerbyCon near the
end of September. In the meantime,
2 min
Events
Metasploit Race to Root and Loginpalooza
Race to Root
Unless you've gotten to this blog by freak accident, you are certain to be aware
that next week is Black Hat USA 2014, and of course, we'll be there. You can
find us at Booth #541, where we'll be running the Metasploit Race to Root, using
the latest pre-release build of Metasploit Pro.
Now, this is not just a contest to see who can get their badge scanned the
fastest. Oh no. This is a real, hands-on micro-sized capture the flag
competition, run by our capable and talented in-house
3 min
Events
Weekly Metasploit Update: Countdown to DEFCON
Don't Be (too) Naked in Vegas
Wow, it's exactly two more weeks today until DEFCON. While Rapid7 has had a
vendor presence at Black Hat for many years (at booth #541), this year is, I
believe, the first time that we'll have a vendor table at DEFCON. I'm super
stoked about both gigs, since the Black Hat booth will give us an opportunity to
unload give away a fresh new batch of Metasploit T-Shirt Design contest
[http://99designs.com/t-shirt-design/contests/metasploit-design-contest-375195/brief]
2 min
Events
Social-Engineer CTF Report Released
For the last five years, the team at Social-Engineer have been bringing one of
the most exciting events to DEF CON - the Social Engineering Capture the Flag.
The contest was designed to help bring awareness to the world about how
dangerous social engineering can be. In our 5th year, the competition was
fierce and the report is the best we have ever released.
This year a pool of 10 men and 10 women, from diverse backgrounds and experience
levels, tested their social engineering abilities again
0 min
Metasploit
SecureNinjaTV Interview: Tod Beardsley About Metasploit 10th Anniversary
At Black Hat 2013 in Vegas this year, our very own Tod Beardsley was cornered by
SecureNinja TV and social engineered into giving an interview. Here is the
result - captured for eternity:
[http://www.youtube.com/watch?v=yFHA5F2crFE&feature=youtu.be]
Click here to download Metasploit Pro
[https://www.rapid7.com/products/metasploit/download/]
2 min
Nexpose
Rapid7 Wins Coveted SC Magazine Award for Best Vulnerability Management Tool
Thorsten George, VP of Worldwide of Marketing and
Products for Agiliance on the left and
Bernd Leger, VP of Marketing, Products &
Solutions at Rapid7 on the right
Sitting in a room of hundreds of industry leaders and security vendors, it was
extremely gratifying to hear our name called and being asked on stage to receive
one of the coveted SC Magazine Awards last night in San Francisco. Rapid7 won
the prestigious “Best Vulnerability Management Tool” Award in the Reader's Trust
Award Categor
2 min
Events
The Security Confab
On the homepage of the 5th Annual Security Confab, a sort of mission statement
for the event is provided with a simple explanation of the meaning of the word
“confab”:
CONFAB [kuhn-fab] -noun
1. a gathering to talk informally; converse; chat
I think this is important. The event's main theme is “The Evolving Threat
Landscape” and at Rapid7 we're pretty vocal about how important we think
collaboration is in addressing this, so it's good to see and attend events that
aim to create an opportunit
1 min
Events
Rapid7's high flying RSA party
Thanks to all of you who attended our party at Ruby Skye on Wednesday. We were
overwhelmed by how many RSA delegates showed up: The club holds close to a
thousand people, and we were operating at capacity for most of the night.
Apologies if you had to wait in line for a few minutes!
Have a great weekend and sleep off the RSA Conference buzz!
Update: Just received this great picture taken by Travis Arnold at the party –
thought you'd enjoy it!
2 min
Awards
We weren't joking when we said "tattoos"!
Be careful what we wish for: In 2006, HD Moore wrote a blog post
[/2006/08/27/metasploit-framework-30-beta-2] about a redesign of the Metasploit
Project, announcing that the new graphics “will be featured on tee shirts,
posters, and tattoos over the coming year.” Well, you guys took a little longer
than we thought but we now have our first Metasploit tattoo!
Initially, we thought Roy Morris (aka @soundwave1234
[http://twitter.com/soundwave1234]) was joking when he tweeted to @hdmoore
[htt