5 min
Vulnerability Management
What's New in InsightVM and Nexpose: Q1 2022 in Review
The product updates our vulnerability management (VM) team has made to InsightVM and Nexpose in the last quarter will empower you to stay in charge — not the vulnerabilities.
5 min
Vulnerability Management
What's New in InsightVM and Nexpose: Q4 2021 in Review
As we enter into the new year, we wanted to provide a recap of product releases and features in InsightVM and Nexpose for Q4 2021.
6 min
Log4Shell
Log4Shell 2 Months Later: Security Strategies for the Internet's New Normal
On Wednesday, February 16, Rapid7 experts Bob Rudis, Devin Krugly, and Glenn Thorpe sat down for a webinar on the current state of the Log4j vulnerability.
7 min
Application Security
How InsightAppSec Detects Log4Shell: Your Questions Answered
In this post, we talk about our response to CVE-2021-44228 (a.k.a. Log4Shell) with the Rapid7 InsightAppSec platform.
3 min
Metasploit
Metasploit Weekly Wrap-Up: Jan. 28, 2022
A new Log4Shell module for unauthenticated RCE on Ubiquiti UniFi devices, getsystem improvements, and more!
3 min
Research
Open-Source Security: Getting to the Root of the Problem
The past few weeks have shown us the importance and wide reach of open-source security.
4 min
Emergent Threat Response
Active Exploitation of VMware Horizon Servers
Attackers are actively targeting VMware Horizon servers vulnerable to Apache Log4j CVE-2021-44228 (Log4Shell) and related vulnerabilities.
6 min
Log4Shell
Log4Shell Strategic Response: 5 Practices for Vulnerability Management at Scale
Where do you begin to respond to a critical vulnerability like the one in Apache’s Log4j Java library (a.k.a. Log4Shell)? Start with these 5 concepts.
3 min
Application Security
Test for Log4Shell With InsightAppSec Using New Functionality
In this blog, we share how Rapid7 customers can test for Log4Shell with InsightAppSec.
3 min
Metasploit
Metasploit Wrap-Up: Dec. 17, 2021
A new Log4Shell / Log4j scanner module for Metasploit, a new WordPress module, and multiple enhancements and bug fixes
14 min
Log4Shell
The Everyperson’s Guide to Log4Shell (CVE-2021-44228)
This blog is for everyone who wants to understand what’s going on with the Log4Shell vulnerability in Log4j and why the internet seems to be on fire again.
3 min
Application Security
How to Protect Your Applications Against Log4Shell With tCell
Let’s walk through the various ways tCell can help our customers protect against Log4Shell attacks.
7 min
Vulnerability Management
Patch Tuesday - December 2021
This month’s Patch Tuesday comes in the middle of a global effort to mitigate Apache Log4j CVE-2021-44228.
3 min
Threat Intel
Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations
The Rapid7 Threat Intelligence team is tracking the attacker's-eye view on Log4Shell and the related chatter on the clear, deep, and dark web.
8 min
InsightVM
Using InsightVM to Find Apache Log4j CVE-2021-44228
How to use InsightVM or Nexpose to detect exposure to Log4Shell CVE-2021-44228 in your environment, plus additional detail about how our various vulnerability checks work under the hood.