Posts tagged Research

3 min Ransomware

Complimentary GartnerⓇ Report "How to Respond to the 2022 Cyberthreat Landscape": Ransomware Edition

The complimentary GartnerⓇ report “How to Respond to the 2022 Cyberthreat Landscape"will help you understand and defend against the ransomware threat.
3 min Vulnerability Disclosure

CVE-2022-32230: Windows SMB Denial-of-Service Vulnerability (FIXED)

With CVE-2022-32230, a remote and unauthenticated attacker can trigger a denial-of-service condition on Microsoft Windows Domain Controllers.
5 min Events

Defending Against Tomorrow's Threats: Insights From RSAC 2022

Here's a closer look at what some Rapid7 experts who presented at RSAC 2022 had to say about staying ahead of attackers in the months to come.
2 min Events

[VIDEO] An Inside Look at the RSA 2022 Experience From the Rapid7 Team​

We asked four Rapid7 team members to tell us a little bit about their RSAC 2022 experience.
3 min Research

Evaluating the Security of an Enterprise IoT Deployment at Domino's Pizza

Recently, I had a great opportunity to work with Domino's Pizza to evaluate an internally conceived Internet of Things (IoT)-based business solution.
7 min Vulnerability Disclosure

CVE-2022-22977: VMware Guest Authentication Service LPE (FIXED)

A low-privileged local attacker can prevent the VMware Guest Authentication service from running in a guest Windows environment and can crash this service.
4 min Ransomware

A Year on from the Ransomware Task Force Report

We're marking the anniversary of the Ransomware Task Force’s (RTF) report, which offered 48 recommendations to deter and respond to ransomware attacks
5 min Vulnerability Disclosure

CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection

Rapid7 discovered and reported a vulnerability that affects Zyxel firewalls supporting Zero Touch Provisioning (ZTP), identified as CVE-2022-30525.
1 min Cloud Security

[Infographic] Cloud Misconfigurations: Don't Become a Breach Statistic

Our latest infographic highlights some key commonalities uncovered in our 2022 Cloud Misconfigurations Report.
3 min Cloud Security

2022 Cloud Misconfigurations Report: Cloud Security Breaches and Attack Trends

In the 2022 Cloud Misconfigurations Report, we reviewed 68 accounts of breaches from 2021. Let's take a brief look at some of the findings.
4 min Emergent Threat Response

CVE-2022-28810: ManageEngine ADSelfService Plus Authenticated Command Execution (Fixed)

On April 9, ManageEngine fixed CVE-2022-28810 with the release of ADSelfService Plus Build 6122.
4 min Research

CVE-2022-24527: Microsoft Connected Cache Local Privilege Escalation (Fixed)

On April 12, 2022, Microsoft published CVE-2022-24527, a local privilege escalation vulnerability in Microsoft Connected Cache.
8 min Research

Lessons in IoT Hacking: How to Dead-Bug a BGA Flash Memory Chip

In this post, we cover how to dead-bug a flash memory chip to help aid your IoT hacking research.
4 min Research

Cloud Pentesting, Pt. 3: The Impact of Ecosystem Maturity

Now that we’ve covered the basics of cloud pentesting and the style in which a cloud environment could be attacked, let’s turn our attention to the entirety of this ecosystem.
7 min Research

Cloud Pentesting, Pt. 2: Testing Across Different Deployments

Pentesting in the cloud is just like on-premise, right? It depends on how a customer has set up their cloud deployment.

Popular Topics

Tags