2 min
News
SaltStack Pre-Authenticated Remote Root (CVE-2020-16846 and CVE-2020-25592): What You Need to Know
When combined, a new pair of SaltStack vulnerabilities can result in unauthenticated remote root access on a target system.
3 min
Vulnerability Management
Oracle WebLogic Unauthenticated Complete Takeover (CVE-2020-14882/CVE-2020-14750): What You Need to Know
Attackers opting for tricks instead of treats this week as they seek out and attempt to compromise internet-facing WebLogic servers that are vulnerable to CVE-2020-14882.
2 min
InsightVM
Rapid7 Announces Improvements to Goals and SLAs in InsightVM
We’re excited to announce that creating a goal or SLA in InsightVM just became a lot simpler.
18 min
InsightVM
Scan Template Best Practices in InsightVM
This blog post will give you a ballpark best practice that applies to the majority of environments, as well as some descriptions that outline the thought process, math, and reasoning.
9 min
Vulnerability Disclosure
Vulntober: Multiple Mobile Browser Address Bar Spoofing Vulnerabilities
Today, we're announcing a coordinated vulnerability disclosure on a set of address bar spoofing vulnerabilities that affect a number of mobile browsers.
1 min
InsightVM
Fewer False Alarms, Faster Reporting: InsightVM Introduces New One-Click Fix For False Positives
Let’s talk false positives. They’re frustrating and faulty to anyone in security. The good news? We’ve added even more ways to reduce the noise they cause.
3 min
Vulnerability Management
There Goes The Neighborhood: Dealing With CVE-2020-16898 (and CVE-2020-1656) (aka"Bad Neighbor")
Microsoft released a patch for BSoD + RCE CVE-2020-16898 ("Bad Neighbor") in the October 2020 Patch Tuesday vulnerability disclosures along with Juniper releasing CVE-2020-1656 the same week.
4 min
InsightVM
How InsightVM Helps You Save Time and Prove Value
In this post, we’ll cover how InsightVM helps teams tackle operational challenges, maximize resources, and prove the value and ROI of their efforts.
3 min
Vulnerability Management
Why Every Organization Needs a Vulnerability Management Policy
In this blog post, we will discuss why vulnerability management is critical for any organization looking to reduce risk.
2 min
News
HP Device Manager Cavalcade of Critical CVEs (CVE-2020-6925:6927): What You Need to Know
HP released a security bulletin on Sept. 25, 2020, disclosing a set of vulnerabilities in HP Device Manager.
5 min
Research
Microsoft Exchange 2010 End of Support and Overall Patching Study
Today's topic is Exchange 2010, which reaches end of support (EoS) on Oct. 13, 2020, as well as a survey of other versions of Exchange and how well they are being kept up-to-date.
3 min
InsightVM
Decentralize Remediation Efforts to Gain More Efficiency with InsightVM
We’re excited to introduce you to two new InsightVM product updates to help you further reduce friction, save time, and gain greater efficiency.
2 min
Vulnerability Management
CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know
CVE-2020-1472 is a critical privilege escalation vulnerability that can yield an attacker full takeover of an affected network. Here's what you need to know.
3 min
Vulnerability Management
Vulnerability Remediation vs. Mitigation: What’s the Difference?
In this blog, we dive into better understanding the difference between vulnerability mitigation vs. remediation.
4 min
InsightVM
How to Track and Remediate Default Account Vulnerabilities in InsightVM
In this blog post, we discuss older, lesser-known features that can still provide amazing value in your vulnerability management program using InsightVM.