4 min
Vulnerability Management
CVE-2019-15846 Privileged Remote Code Execution Vulnerability in the Exim Mailer: What You Need to Know
On Sept. 6, the Exim development team released a patch for CVE-2019-15846, which fixed a privileged, unauthenticated RCE weakness in its popular internet email server software.
5 min
Cloud Infrastructure
How to Set Up InsightVM in Your Google Cloud Environment
In this blog post, we’ll go over how to set up our vulnerability scanner, InsightVM in your Google Cloud and how to tweak it for your environment.
8 min
AWS
Automating the Cloud: AWS Security Done Efficiently
Today, we are going to be installing software on all your existing EC2 instances across several (or all!) accounts under an organization in AWS.
2 min
Patch Tuesday
Patch Tuesday - August 2019
First off, the big news for today's Patch Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/312890cc-3673-e911-a991-000d3a33a34d]
: Microsoft has fixed four new Remote Desktop Services (RDS) vulnerabilities,
reminiscent of the BlueKeep
[/2019/07/31/bluekeep-cve-2019-0708-for-windows-rdp-what-you-need-to-know/]
vulnerability (CVE-2019-0708
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708]
) that was patched last May. CVE-2019-11
2 min
Vulnerability Management
August 2019 Microsoft Remote Desktop Services (RDP) Patches: What You Need to Know
A new set of vulnerabilities in RDP impact every modern version of Windows. Here's what you need to know.
3 min
Vulnerability Management
BlueKeep Exploits May Be Coming: Our Observations and Recommendations
Rapid7 Labs has observed a significant uptick in malicious RDP activity since the release of CVE-2019-0708 (aka “BlueKeep”).
2 min
InsightVM
Ensuring Timely Remediation of Security Risks with Service-Level Agreements (SLAs) in InsightVM
Rapid7 makes it easy for you to set up and track service-level agreements (SLAs) in InsightVM.
9 min
Vulnerability Management
So, You Think You Can Query?
In this blog, we are going to explore the basics of how to make queries in our cloud-based vulnerability management solution, InsightVM.
2 min
InsightVM
How Rapid7’s AWS Security Hub Integrations Increase Cloud Visibility and Automate Security Operations
As part of our ongoing commitment to support customers using Amazon Web Services (AWS), Rapid7 announces integrations with the AWS Security Hub for vulnerability management and SOAR solutions.
3 min
InsightVM
Rapid7 Releases Cloud Configuration Assessment Capabilities in InsightVM
Rapid7 is pleased to announce that we have released new Cloud Configuration Assessment capabilities in our InsightVM vulnerability management solution.
3 min
InsightVM
Blocking User Access to Vulnerable Assets with CyberArk and InsightVM
With InsightVM's new integration with the CyberArk Privileged Access Security Solution, user access to vulnerable assets can be automatically restricted until the issue is eliminated.
3 min
Windows
Microsoft Windows RDP Network Level Authentication Bypass (CVE-2019-9510)
CERT/CC has released an advisory regarding discovered behavior in the Microsoft Windows Remote Desktop Protocol (RDP), which can allow an attacker to bypass the lock screen on some remote sessions.
3 min
Vulnerability Management
Why Patch Management Is Crucial for Securing Your Organization
With the deluge of assets flooding corporate networks, organizations need to have a solid patch management strategy in place.
3 min
Vulnerability Management
How SOAR Is Disrupting Traditional Vulnerability Management
In a recent episode of Whiteboard Wednesday, we dive into how security orchestration, automation, and response (SOAR) is changing traditional vulnerability management.
9 min
Vulnerability Management
Medical Device Security, Part 3: Putting Safe Scanning into Practice
In this blog post, we put the theory we've built out in our medical device scanning series into practice.