This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.
If you continue to browse this site without changing your cookie settings, you agree to this use.
View Cookie Policy for full details
Our new blog will still publish the same cutting-edge research, analysis, and commentary you expect from Rapid7.
Explore the BlogHelp content and documents are now curated to let you get the information you need even faster.
Explore HelpStarting February 27, 2021, Rapid7 has observed a notable increase in the exploitation of Microsoft Exchange through existing detections in InsightIDR’s Attacker Behavior Analytics (ABA). The Managed Detection and Response (MDR) identified multiple, related compromises in the past 72 hours. In most cases, the…
Complicated cloud compliance is weighing on many organizations as off-premises security quickly becomes more of the norm.…
Flink targeting, Process Herpaderping, and more in this week's Metasploit wrap-up!…
In honor of Black History Month, we would like to recognize some of our amazing team members who have made an impact on our company culture, embody our core values, and exude excellence.…
Co-sponsored by Forrester, a recent Rapid7 webcast expounds upon the topics discussed in this blog post.…
On Feb. 24, 20201, Cisco released many patches for multiple products, three of which require immediate attention by organizations if they are running affected systems and operating system/software configurations.…
On Feb. 23, 2021, VMware published an advisory describing three weaknesses affecting VMware ESXi, VMware vCenter Server, and VMware Cloud Foundation.…
Read on to learn more about our North America VRM Software Engineering team, why they chose to bring their talents to Rapid7, and why you should, too!…
Fortunately, there’s a way to get the visibility your team needs and streamline alerts: leveraging a cloud-based SIEM.…
GSoC Rocks! In a rare double whammy, one of our 2020 Google Summer of Code (GSoC) participants has authored a PR containing both enhancements & a new module! Improvements to our SQL injection library now allow PostgreSQL injection, and this new functionality has been verified…
Let’s take a more in-depth look at modern vulnerability risk management (VRM) and what to look for in a holistic solution.…
Modern web apps are two things: complex, and under persistent attack.…
As the threat landscape continues to evolve in size and complexity, so does the security skills and resource gap, leaving organizations both understaffed and overwhelmed.…
Today, more and more organizations are adopting multi-cloud or hybrid environments, creating increasingly more dispersed security environments…
This installment includes a new MicroFocus RCE module, an updated Microsoft Exchange patch bypass, and items without 'Micro' in the title, too!…