Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

rep  

AUTHOR STATS:

6

12 Days of HaXmas: Beginner Threat Intelligence with Honeypots

This post is the 12th in the series, "12 Days of HaXmas." So the Christmas season is here, and between ordering gifts and drinking Glühwein what better way to spend your time than sieve through some honeypot / firewall / IDS logs and try to…

R7-2014-18: Hikvision DVR Devices - Multiple Vulnerabilities

Rapid7 Labs has found multiple vulnerabilities in Hikvision DVR (Digital Video Recorder) devices such as the DS-7204 and other models in the same product series that allow a remote attacker to gain full control of the device. More specifically, three typical buffer overflow vulnerabilities were…

Scanning All The Things

IntroductionOver the past year, the Rapid7 Labs team has conducted large scale analysis on the data coming out of the Critical.IO and Internet Census 2012 scanning projects. This revealed a number of widespread security issues and painted a gloomy picture of an internet rife…

Vaccinating systems against VM-aware malware

The neverending fight with malware forced researchers and security firms to develop tools and automated systems to facilitate the unmanageable amount of work they've been facing when dissecting malicious artifacts: from debuggers, monitoring tools to virtualized systems and sandboxes. On the other side, malware authors…

Internet Census 2012 - Thoughts

This week, an anonymous researcher published the results of an "Internet Census" - an internet-wide scan conducted using 420,000 insecure devices connected to the public internet and yielding data on used IP space, ports, device types, services and more. After scanning parts…

The Malware Lifecycle - Whiteboard Wednesday

The "Malware Lifecycle" is constantly evolving - the motivations and goals have changed in the past years and are completely different than what they historically used to be. Instead of being a skill demonstration and serving as proof-of-concepts we are nowadays mostly facing financially motivated…