Rapid7 Blog




Upcoming G20 Summit Fuels Espionage Operations

The international policy and financial community is in ferment for the upcoming G-20 summit, scheduled to kick off in St. Petersburg, Russia, two weeks from now. The "Group of Twenty" consists of political leaders, finance ministers and bank governors from 19 economically prominent countries,…

ByeBye Shell and the targeting of Pakistan

Asia and South Asia are a theater for daily attacks and numerous ongoing espionage campaigns between neighboring countries, so many campaigns that it's hard to keep count. Recently I stumbled on yet another one, which appears to have been active since at least the beginning…

Cuckoo Sandbox approaching 1.0

Somewhere around one year ago Cuckoo Sandbox was awarded as one of the winners of the first round of sponsorship through the Magnificent7 program. Since then the project progressed and grew up quickly: when we started the program we were somewhere around release 0.3…

KeyBoy, Targeted Attacks against Vietnam and India

In our never-ending quest to spot and expose the nastiest of the Internet, Mark and I this time incidentally stepped into a targeted attack campaign apparently directed at a distributed and diversified base of victims. In this blog post we'll analyze two specific incidents apparently…

Spying on the Seven Seas with AIS

If you have not read HD Moore's research on serial port servers, DO IT NOW. It gives you a shocking perspective on the reality of things: the security industry has been historically blabbing and making consumers concerned about the most recent, complex, intriguing and fashionable…

Fooling malware like a boss with Cuckoo Sandbox

After several months of work, we finally released Cuckoo Sandbox 0.6. This release represents an important step forward in the growth of the project; several new features have been introduced, along with extensive work to improve the overall stability and quality of the sandbox…

Botnets and the War on Bitcoin

If you've been reading the most recent news from the interwebs, you probably heard that Bitcoin is on a rollercoaster. If you're not familiar with it, Bitcoin is a global online currency, the cash of the Internet. It has no central regulator and no authority:…

Skynet, a Tor-powered botnet straight from Reddit

While wandering through the dark alleys of the Internet we encountered an unusual malware artifact, something that we had never observed before and that gave us fun while we meticulously dissected it until late at night. The more we spent time looking at it, the more it started…

Analysis of the FinFisher Lawful Interception Malware

It's all over the news once again: lawful interception malware discovered in the wild being used by government organizations for intelligence and surveillance activities. We saw it last year when the Chaos Computer Club unveiled a trojan being used by the federal government in Germany,…

Cuckoo Sandbox 0.4 Simplifies Malware Analysis with KVM support, Signatures and Extended Modularity

That's right, the much anticipated and long awaited 0.4 release is finally here! Just like divas arrive late at the gala, we took some more time than expected, but are now worthy of a triumphant entrance. If you're not familiar with Cuckoo Sandbox, it's…

Featured Research

National Exposure Index 2018

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.



Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.


Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.
