All Posts

How CISOs’ Roles – and Security Operations – Will Change in 2024

It’s fair to say that 2023 was a turning point for the cybersecurity industry, and no one felt it more than the CISO. From the onslaught of ransomware and zero-day attacks, [http://wewqu.goudounet.com/blog/post/2024/01/12/2023-ransomware-stats-a-look-back-to-plan-ahead/] to the SEC’s new reporting rules [http://wewqu.goudounet.com/globalassets/_pdfs/policy/sec-cybersecurity-compliance-solution-brief.pdf] , and added to technological innovation and sprawl, CISOs have never been under more pressure to ge

5 min Vulnerability Management

Whispers of Atlantida: Safeguarding Your Digital Treasure

Recently, Rapid7 observed a new stealer named Atlantida. The stealer tricks users to download a malicious file from a compromised website, and uses several evasion techniques such as reflective loading and injection before the stealer is loaded.

7 min Application Security

Application Security Posture Management

In this guest blog post by Eric Sheridan, Chief Innovation Officer at valued Rapid7 partner Tromzo, you’ll learn how Rapid7 customers can utilize ASPM solutions to accelerate triaging, prioritization and remediation of findings from security testing products such as InsightAppSec and InsightCloudSec

2 min Metasploit

Metasploit Weekly Wrap-Up 01/12/24

New module content (1) Windows Gather Mikrotik Winbox "Keep Password" Credentials Extractor Author: Pasquale 'sid' Fiorillo Type: Post Pull request: #18604 [http://github.com/rapid7/metasploit-framework/pull/18604] contributed by siddolo [http://github.com/siddolo] Path: windows/gather/credentials/winbox_settings Description: This pull request introduces a new post module to extract the Mikrotik Winbox credentials, which are saved in the settings.cfg.viw file when the "Keep Password" option

4 min Ransomware

2023 Ransomware Stats: A Look Back To Plan Ahead

As we step into 2024, the first victims of ransomware attacks are already being reported. What can the 2023 ransomware stats tell us about the year that was, and how can we use them to plan for the year ahead?

3 min CISOs

4 Questions for CISOs to Reduce Threat Exposure Risk

The report, 2024 Strategic Roadmap for Managing Threat Exposure, can help CISOs and other top executives steer away from risk by analyzing their attack surfaces for gaps.

6 min Emergent Threat Response

Zero-Day Exploitation of Ivanti Connect Secure and Policy Secure Gateways

Ivanti Connect Secure and Ivanti Policy Secure gateways have been exploited in the wild to gain access to corporate networks and conduct a range of nefarious activities, including backdooring legitimate files.

7 min Patch Tuesday

Patch Tuesday - January 2024

Hyper-V critical RCE. Office FBX 3D model vuln. SharePoint RCE. Critical Kerberos MitM. No zero-days. Smallest January PT for several years.

2 min Metasploit

Metasploit Weekly Wrap-Up 1/05/2024

New module content (2) Splunk __raw Server Info Disclosure Authors: KOF2002, h00die, and n00bhaxor Type: Auxiliary Pull request: #18635 [http://github.com/rapid7/metasploit-framework/pull/18635] contributed by n00bhaxor [http://github.com/n00bhaxor] Path: gather/splunk_raw_server_info Description: This PR adds a module for an authenticated Splunk information disclosure vulnerability. This module gathers information about the host machine and the Splunk install including OS version, build, CP

5 min Career Development

Rapid7’s Data-Centric Approach to AI in Belfast

Read on to find out more about the importance of data and AI at Rapid7!

2 min Career Development

Rapid7 Recognized by Newsweek as one of ‘America’s Greatest Workplaces for Diversity for 2024’.

On December 13th, Newsweek Magazine published their list of ‘America’s Greatest Workplaces for Diversity for 2024’.

6 min IoT

Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities

Rapid7, Inc. (Rapid7) discovered vulnerabilities in Aladdin Connect retrofit kit garage door opener and Android mobile application produced by Genie.

8 min Metasploit

Metasploit 2023 Annual Wrap-Up: Dec. 29, 2023

As 2023 winds down, we’re taking another look back at all the changes and improvements to the Metasploit Framework. This year marked the 20th anniversary since Metasploit version 1.0 was committed and the project is still actively maintained and improved thanks to a thriving community. Version 6.3 Early this year in January, Metasploit version 6.3 [http://wewqu.goudounet.com/blog/post/2023/01/30/metasploit-framework-6-3-released/] was released with a number of improvements for targeting Active Dir

10 min Velociraptor

Velociraptor 0.7.1 Release

Rapid7 is excited to announce that version 0.7.1 of Velociraptor is live and available for download. There are several new features and capabilities that add to the power and efficiency of this open-source digital forensic and incident response (DFIR) platform.