May 2020 Cisco Remote Vulnerabilities Guidance
Cisco posted patches for 34 vulnerabilities on May 6, 2020, half a dozen of which require your immediate attention.…
CVE-2020-12271: Sophos XG Firewall Pre-Auth SQL Injection Vulnerability Remediation Guidance and Exposure Overview
On April 22, Sophos received a report documenting a suspicious field value visible in the management interface of an XG Firewall.…
Oh, Behave! Who Made It to Rapid7 Labs' Naughty List(s) in 2019?
The Labs team thought it might be fun to give folks a glimpse into who made it to some of our naughtiest lists in 2019 based on insights gleaned through our research projects.…
Cisco Self-Signed Certificate Expiration on Jan. 1, 2020: What You Need to Know
Cisco released Field Notice 70489 this week making owners of a wide range of Cisco devices aware of an impending certificate expiration issue.…
Six Things Retailers Can Do to Shore Up Their Security Ahead of Cyber Monday
In this blog, the Rapid7 Labs team breaks down some steps online merchants can take to make sure the shopping experience is as safe and secure as possible.…
What a Difference a Year Makes: Revisiting Our Inaugural Fortune 500 ICER One Year Later
It's now been a year since we released our first Fortune 500 ICER, so we decided to take a quick look at a key control, DMARC, to look for improvements.…
CVE-2019-15846 Privileged Remote Code Execution Vulnerability in the Exim Mailer: What You Need to Know
On Sept. 6, the Exim development team released a patch for CVE-2019-15846, which fixed a privileged, unauthenticated RCE weakness in its popular internet email server software.…
August 2019 Microsoft Remote Desktop Services (RDP) Patches: What You Need to Know
A new set of vulnerabilities in RDP impacts every modern version of Windows. Here's what you need to know.…
BlueKeep Exploits May Be Coming: Our Observations and Recommendations
Rapid7 Labs has observed a significant uptick in malicious RDP activity since the release of CVE-2019-0708 (aka “BlueKeep”).…
Rapid7 Releases Industry Cyber-Exposure Report: FTSE 250+
Today, Rapid7 released our third Industry Cyber-Exposure Report, examining the overall exposure of the companies listed in the FTSE 250 index.…
Microsoft Windows RDP Network Level Authentication Bypass (CVE-2019-9510): What You Need to Know
CERT/CC has released an advisory regarding discovered behavior in the Microsoft Windows Remote Desktop Protocol (RDP), which can allow an attacker to bypass the lock screen on some remote sessions.…
WannaCry, Two Years On: Current Threat Landscape, Forgotten Lessons, and Hope for the Future
In this blog, we take a look at the current attacker landscape related to EternalBlue and ransomware, along with some lessons that have not been learned since WannaCry.…
Key Concepts and Findings from the 2019 Verizon Data Breach Investigations Report
Our Rapid7 Labs research team has pored over the Verizon Data Breach Investigations Report to identify some key waypoints to help the Rapid7 community navigate through this sea of information.…
WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2019-2725): What You Need to Know
Oracle has released an out-of-band security advisory and set of patches for Oracle WebLogic Server versions 10.3.6.0 and 12.1.3.0.…
4 Key Lessons from the Citycomp Data Breach
On April 30, 2019, Motherboard reported on a combined data breach and extortion attempt against Citycomp, a network and internet infrastructure firm based in Germany.…