4 min
Research
Rapid7 Labs’ 2020 Naughty List Summary Report to Santa
Your dutiful elves here at Rapid7 Labs have compiled a list of the naughty country networks being used to launch cyberattacks across the globe.
5 min
Security Strategy
UPnP With a Holiday Cheer
For today’s discussion, this blog post will only cover the port forwarding services and will also share a Python script you can use to start examining this service.
4 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of memcached
In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of memcached.
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of Microsoft SQL Server (MS SQL) (UDP/1434)
In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of the Microsoft SQL Server.
1 min
Under the Hoodie
Behind the Scenes: Under the Hoodie 2020 Video Series
In this blog, we take you on a behind-the-scenes look at the making of our 2020 Under the Hoodie video series.
13 min
Research
Don’t Put It on the Internet: Tesla Backup Gateway Edition
In this blog, we address Tesla Backup Gateways and identify key areas where Tesla could improve security and privacy to help customers protect themselves.
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of MySQL
In the latest edition of our "NICER Protocol Deep Dive blog series, we take a more detailed look at the internet exposure of MySQL.
2 min
News
SaltStack Pre-Authenticated Remote Root (CVE-2020-16846 and CVE-2020-25592): What You Need to Know
When combined, a new pair of SaltStack vulnerabilities can result in unauthenticated remote root access on a target system.
2 min
This One Time on a Pen Test
This One Time on a Pen Test: How I Hacked a Self-Driving Car
In our latest edition of "This One Time on a Pen Test," we take a deeper look at an engagement involving a self-driving car.
4 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of Citrix ADC/NetScaler
In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of Citrix ADC/NetScaler.
5 min
Research
The Story Behind Security Breaches
There are many potential causes of security breaches, but what is a common root cause? Human error.
5 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of Remote Desktop (RDP)
In this edition of our NICER Protocol Deep Dive blog series, we break down the internet exposure of remote desktop (RDP).
3 min
Research
PSA: Increase in RDP Attacks Means It's Time to Mind Your RDPs and Qs
Our research team looks into the increase in RDP attacks against RDP servers without multi-factor authentication enabled and helps organizations strengthen their infrastructure against these attacks.
2 min
This One Time on a Pen Test
This One Time on a Pen Test: Doing Well With XML
In the latest edition of "This One Time on a Pen Test," we discuss a classic web application engagement involving XML.
6 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of SMTP
In this installment of our NICER Protocol Deep Dive blog series, we discuss internet exposure of SMTP.