Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.

View Cookie Policy for full details

We've updated Rapid7’s community resources

Hello. We've evolved our community resources to provide a richer experience. Learn more.
Questions? Contact us.

blog.rapid7.com

Blogs, How-tos, & Research

Our new blog will still publish the same cutting-edge research, analysis, and commentary you expect from Rapid7.

Explore the Blog
help.rapid7.com

Docs, Help, & Questions

Help content and documents are now curated to let you get the information you need even faster.

Explore Help
3 min read

CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability: What You Need to Know

 Read More
4 min read

Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350): What You Need to Know

 Read More
4 min read

CVE-2020-6287: Critical Vulnerability in SAP NetWeaver Application Server (AS) Java

 Read More
View All Tags

Popular Tags:
3 min read

Metasploit Wrap-Up

SharePoint DataSet/DataTable deserialization First up we have an exploit from Spencer McIntyre (@zeroSteiner) for CVE-2020-1147, a deserialization vulnerability in SharePoint instances that was patched by Microsoft on July 14th 2020 and which has been getting quite a bit of attention in the news lately.…

Grant Willcox
Grant Willcox Jul 31, 2020 Metasploit
1 min read

Open Source Security Meetup (OSSM): Virtual Edition

The Rapid7 Metasploit team will be hosting our annual Open Source Security Meetup (OSSM) as a virtual event Thursday, August 6th!…

Pearce Barry
Pearce Barry Jul 30, 2020 Metasploit
8 min read

Cloud Best Practices Every Security Professional Should Know

In part one of this series on the cloud and cloud security for security professionals, we dove into everything you’ve ever wanted to know about the cloud.…

Rapid7
Rapid7 Jul 30, 2020 Cloud Security
3 min read

Remote Code Execution Risks in Secomea, Moxa, and HMS eWon ICS VPN Vulnerabilities: What You Need to Know

On Wednesday, July 28, 2020, researchers at Claroty released information on a number of critical remote code execution vulnerabilities across products of three industrial control system (ICS) vendors’ — HMS, Secomea, and Moxa — remote access technologies.…

boB Rudis
boB Rudis Jul 29, 2020 Vulnerability Management
3 min read

Rapid7 statement on privacy and status of EU-US data transfers post-Schrems II

On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield in the Schrems II case (also known as Data Protection Commissioner v. Facebook Ireland and Maximillian Schrems). Here is our response.…

Raisa Litmanovich
Raisa Litmanovich Jul 29, 2020 Public Policy
3 min read

Joe FitzPatrick on the Future of Hardware Security Training Sessions

On this Security Nation episode, Joe FitzPatrick, a lead researcher at securinghardware.com, discusses what it takes to run a successful hardware training session.…

Bri Hand
Bri Hand Jul 29, 2020 Security Nation
3 min read

Plugin Development Made Easy With Rapid7

The Rapid7 Integrations Team is focused on making plugin development an easy process for all security practitioners, not just those with a programming background.…

Jon Schipp
Jon Schipp Jul 28, 2020 InsightConnect
4 min read

Hear from Your Peers: Advice for Your First 90 Days Using a Vulnerability Management Solution

In a recent survey with InsightVM customers, we asked them to share their best tips for the first 90 days of using a vulnerability management solution.…

Tori Sitcawich
Tori Sitcawich Jul 27, 2020 Vulnerability Management
2 min read

Metasploit Wrap-Up

Yes, it’s a huge enterprise vulnerability week (again) For our 100th release since the release of 5.0 18 months ago, our own zeroSteiner got us a nifty module for the SAP "RECON" vulnerability affecting NetWeaver version 7.30 to 7.50.…

Adam Cammack
Adam Cammack Jul 24, 2020 Metasploit Weekly Wrapup
3 min read

#Rapid7Life in a Remote World: Building the Bridge While We Cross

Upon news of our temporarily closed global office spaces to ensure employee health and safety, we made the quantum leap to a remote world and workplace.…

Rapid7
Rapid7 Jul 24, 2020 Rapid7 Culture
3 min read

CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability: What You Need to Know

On July 22, Cisco released a patch for a high-severity read-only patch traversal vulnerability in its Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products.…

boB Rudis
boB Rudis Jul 23, 2020 Vulnerability Management
4 min read

What’s New in InsightIDR: H1 2020 in Review

This post offers a closer look at select highlights of what’s new in InsightIDR, our cloud-based SIEM tool, from the first half of 2020.…

Margaret Zonay
Margaret Zonay Jul 23, 2020 InsightIDR
5 min read

Q&A from June 2020 Customer Webcast on InsightVM Custom Policy Builder

During our most recent webcast on InsightVM's Custom Policy Builder, we received a lot of great questions from attendees.…

Rapid7
Rapid7 Jul 22, 2020 InsightVM
6 min read

Defense in Depth Using Deception Technology in InsightIDR

Today, we are diving into the four pieces of deception technology that Rapid7 offers through our incident detection and response tool, InsightIDR.…

Garrett Enochs
Garrett Enochs Jul 21, 2020 InsightIDR
2 min read

Rapid7 Releases 2020 NICER Report

Rapid7 has just released the 2020 National / Internet / Cloud Exposure Report, affectionately called the NICER report.…

Tod Beardsley
Tod Beardsley Jul 20, 2020 Research

Never miss a blog

Get the latest stories, expertise, and news about security today.

BACK TO TOP