120 Vulnerabilities Patched in Microsoft's August 2020 Update Tuesday (2020-Aug Patch Tuesday)August 2020 brings along patches for 120 vulnerabilities within the standard set of Microsoft products (Windows, Office, Browsers, and Developer Tools such as .NET Framework, ASP.NET, and Visual Studio). Among the crowd…
Rapid7 is thrilled to be named a Leader in The Forrester Wave™: Midsize Managed Security Services Providers, Q3 2020!…
Throughout the first half of the year, we released updates and features to help security teams work more effectively and efficiently in InsightVM.…
Our Rapid7 experts attended another day of incredible talks, and have plenty of key takeaways and insights to share about their Virtual Vegas sessions.…
Metasploit 6 initial features and active development, the 2020 open-source security meetup (OSSM), four new modules, and the longest list of enhancements and fixes we've ever written in one sitting.…
We’re excited to share that over the past few weeks, we’ve released support for 32-bit applications for our .NET, .NET Core, and IIS agents.…
Even from home, it can be tough to catch what you want to see at Black Hat, so we had our experts do the work for you as part of our Virtual Vegas event.…
The Metasploit team announces active development of Metasploit Framework 6. Initial features include end-to-end encryption of Meterpreter communications, SMBv3 client support, and a new polymorphic payload generation routine for Windows shellcode.…
Zoom adoption has skyrocketed with spikes in remote working, but web application security needs to be a top priority to avoid disruptions in collaboration.…
SharePoint DataSet/DataTable deserialization First up we have an exploit from Spencer McIntyre (@zeroSteiner) for CVE-2020-1147, a deserialization vulnerability in SharePoint instances that was patched by Microsoft on July 14th 2020 and which has been getting quite a bit of attention in the news lately.…
The Rapid7 Metasploit team will be hosting our annual Open Source Security Meetup (OSSM) as a virtual event Thursday, August 6th!…
In part one of this series on the cloud and cloud security for security professionals, we dove into everything you’ve ever wanted to know about the cloud.…
On Wednesday, July 28, 2020, researchers at Claroty released information on a number of critical remote code execution vulnerabilities across products of three industrial control system (ICS) vendors’ — HMS, Secomea, and Moxa — remote access technologies.…
On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield in the Schrems II case (also known as Data Protection Commissioner v. Facebook Ireland and Maximillian Schrems). Here is our response.…
On this Security Nation episode, Joe FitzPatrick, a lead researcher at securinghardware.com, discusses what it takes to run a successful hardware training session.…
