This blog explains how to secure your Bluesky account from security threats such as malware and phishing, as well as establishing your identity to help prevent fraud and impersonation.
In this post, we’ll examine the latest data points, discuss notable groups, and estimate the potential impact on victims — helping security teams plan their defenses for the months ahead.
Recruitment fraud is an expensive and time-consuming threat to business. The risk of malware deployment and data exfiltration is high from threat actors trained to bypass each stage of a typical recruitment process. This blog outlines how an organization can secure the hiring process weak points.
In this blog, the global experts across our Rapid7 Labs and Managed Services teams share real-time vulnerability insights and threat intelligence so that our customers can anticipate and prevent breaches, pinpoint critical threats, and confidently take command of their attack surface.
As part of our ongoing efforts to monitor emerging cyber threats, we have analyzed the activities of CyberVolk, a politically motivated hacktivist group that transitioned into using ransomware and has been active since June 2024.
As part of our research and tracking of threats, Rapid7 Labs is actively monitoring new and upcoming threat groups and the ransomware domain is known for having a large number of them.
The Ransomware Radar Report offers some startling insights into who ransomware threat actors are and how they’ve been operating in the first half of 2024.
The latest research paper coming out of Rapid7 Labs examines the tactics of North Korea’s Kimsuky threat group.
In Q2, we focused on enhancing visualization, prioritization, and integration capabilities across our key products and services.
On Monday, Google’s Threat Analysis Group published a blog on a widespread social engineering campaign that targeted security researchers working on vulnerability research and development.
How many internet-accessible RDP services have the DOPU implant installed? How much DOPU-over-RDP traffic do we see being sprayed across the internet?
In this blog, we discuss how a Denial of Service (DoS) bug could crash all Beckhoff PLCs running the Profinet protocol stack if an attacker gains access.
First up: many thanks to Brent Cook [/author/brent-cook/], William Vu [/author/william-vu/] and Matt Hand for their massive assistance in both the Rapid7 research into “Drupalgeddon” and their contributions to this post. Background on the Drupalgeddon vulnerability The Drupalgeddon 2 vulnerability announcement came out in late March (2018-03-28 ) as SA-CORE-2018-002 [https://www.drupal.org/sa-core-2018-002]. The advisory was released with a patch and CVE (CVE-2018-7600) [https://www.rapid7.com/
UPDATE - March 10th, 2017: Rapid7 added a check that works in conjunction with Nexpose's web spider functionality. This check will be performed against any URIs discovered with the suffix “.action” (the default configuration for Apache Struts apps). To learn more about using this check, read this post [https://www.rapid7.com/blog/post/2017/03/15/using-web-spider-to-detect-vulnerable-apache-struts-apps-cve-2017-5638/] . UPDATE - March 9th, 2017: Scan your network for this vulnerability [https://
(A Story by Rapid7 Labs) Merry HaXmas to you! Each year we mark the 12 Days of HaXmas [https://www.rapid7.com/blog/tag/haxmas/] with 12 blog posts on hacking-related topics and roundups from the year. This year, we're highlighting some of the “gifts” we want to give back to the community. And while these gifts may not come wrapped with a bow, we hope you enjoy them. Happy Holi-data from Rapid7 Labs! It's been a big year for the Rapid7 elves Labs team. Our nigh 200-node strong Heisenberg Cloud