6 min
Log4Shell
Log4Shell 2 Months Later: Security Strategies for the Internet's New Normal
On Wednesday, February 16, Rapid7 experts Bob Rudis, Devin Krugly, and Glenn Thorpe sat down for a webinar on the current state of the Log4j vulnerability.
14 min
Research
Dropping Files on a Domain Controller Using CVE-2021-43893
On December 14, 2021, during the Log4Shell chaos, Microsoft published CVE-2021-43893, a remote privelege escalation vulnerability affecting Windows EFS.
6 min
Vulnerability Management
Patch Tuesday - February 2022
February 2022's fixes from Microsoft are relatively light as far as Patch Tuesdays go.
10 min
Patch Tuesday
Patch Tuesday - January 2022
The first Patch Tuesday of 2022 sees Microsoft publishing fixes for over 120
CVEs across the bulk of their product line, including 29 previously patched CVEs
affecting their Edge browser via Chromium. None of these have yet been seen
exploited in the wild, though six were publicly disclosed prior to today. This
includes two Remote Code Execution (RCE) vulnerabilities in open source
libraries that are bundled with more recent versions of Windows: CVE-2021-22947
[https://msrc.microsoft.com/update-
6 min
Log4Shell
Log4Shell Strategic Response: 5 Practices for Vulnerability Management at Scale
Where do you begin to respond to a critical vulnerability like the one in Apache’s Log4j Java library (a.k.a. Log4Shell)? Start with these 5 concepts.
7 min
Vulnerability Management
Patch Tuesday - December 2021
This month’s Patch Tuesday comes in the middle of a global effort to mitigate Apache Log4j CVE-2021-44228.
8 min
InsightVM
Using InsightVM to Find Apache Log4j CVE-2021-44228
How to use InsightVM or Nexpose to detect exposure to Log4Shell CVE-2021-44228 in your environment, plus additional detail about how our various vulnerability checks work under the hood.
3 min
Vulnerability Management
Deepfakes: A Nascent Cybersecurity Threat
There's one cybersecurity threat trend in particular we think is worth watching out for: deepfakes.
2 min
InsightVM
Distribute Reports to Email Addresses in InsightVM
A new email reports feature in InsightVM allows users to easily and quickly distribute reports to users who may not have access to the platform.
3 min
SOAR
Better Together: XDR, SOAR, Vulnerability Management, and External Threat Intelligence
Effectively prioritizing security incidents comes down to having the right data and intelligence from inside your IT environment and the world outside.
4 min
InsightVM
InsightVM Scan Diagnostics: Troubleshooting Credential Issues for Authenticated Scanning
Scan Diagnostics will report a “vulnerable” result against assets when the Scan Engine is supplied with credentials but unable to gather local information.
6 min
InsightVM
Passwordless Network Scanning: Same Insights, Less Risk
The Scan Assistant is a lightweight service within InsightVM Network Scan Engine that can scan against targets without the need to provide credentials
7 min
Vulnerability Management
Patch Tuesday - October 2021
Today’s Patch Tuesday sees Microsoft issuing fixes
[https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct] for over 70 CVEs,
affecting the usual mix of their product lines. From Windows, Edge, and Office,
to Exchange, SharePoint, and Dynamics, there is plenty of patching to do for
workstation and server administrators alike.
One vulnerability has already been seen exploited in the wild: CVE-2021-40449
[https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40449] is
an elev
6 min
Research
For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy
When it comes to the state of patching for recent Exchange Server vulnerabilities, the picture is more incomplete than you'd think.
1 min
Lost Bots
[The Lost Bots] Episode 6: D&R + VM = WINNING!
In this episode, Practice Advisor Devin Krugly joins to discuss how Detection and Response + Vulnerability Management = a winning combination.