Rapid7 Blog

Ross Barrett  

AUTHOR STATS:

45

Nexpose Coverage Toolkit Update

A couple of weeks back I told you all about the new capability to add custom protocol support in Nexpose.  At first we had opened the github repo up as invitation only.  I'm excited to tell you that since then we've expanded the testability, added…

Introducing the Nexpose Coverage Toolkit

Those of you who pay close attention to our release notes saw that last week, (June 17, 2015) with the Nexpose 5.14.3 release, we made good on something I wrote about here in the first part of the year.  The Nexpose team…

Patch Tuesday, February 2015

For the second straight month Microsoft is holding fast to their blockade of information.  Customers with “Premier” support are getting a very sparse advance notification 24 hours before the advisories drop, and “myBulletins” continues to be useless because it is not updated until well after…

#MOARCHECKS! A quick survey - How should we represent service fingerprints?

Following up to Give the people what they want! #MOARCHECKS we'd like some input regarding our options for encapsulating service (protocol) fingerprinting data.  By this, I mean the content that defines how we recognize that a port is listening for HTTP connections, for example.…

Give the people what they want! #MOARCHECKS

I've been working in the exposure management space for almost 9 years now and if there is one thing that has not changed in that time, it's the demand for more coverage.  People always want more because there always *is* more.  More software,…

Patch Tuesday, January 2015 - Dawn of a new era

Microsoft's January 2015 patch Tuesday marks the start of a new era.  It seems that Microsoft's trend towards openness in security has reversed and the company that was formerly doing so much right, is taking a less open stance with patch information.  It is extremely…

Patch Tuesday - December 2014

December's advanced Patch Tuesday brings us seven advisories, three of which are listed as Critical.  Depending on how you want to count it, we see a total of 24 or 25 CVEs because one of the Internet Explorer CVEs in MS14-080 overlaps with the…

Patch Tuesday, November 2014

Patch Tuesday came in hot this month with 15 advisories, of which 4 are listed as critical.  Hate to point it out, but this was originally advertised as 16 with 5 critical, but the patch for MS14-068 apparently isn't ready for prime time yet.…

October Patch Tuesday + Sandworm

Microsoft is back in fine form this month with eight upcoming advisories affecting Internet Explorer, the entire Microsoft range of supported operating systems, plus Office, Sharepoint Server and a very specific add on module to their development tools called “ASP .NET MVC”. …

Sandworm aka CVE-2014-4114

UPDATED: 2.30pm, ET, Tuesday, Oct 14. There's another vulnerability with a clever name getting a lot of attention: Sandworm aka CVE-2014-4114. This is not a cause for panic for the average system administrator or home users, but you should take it seriously and patch…

Patch Tuesday - September 2014

It's a light round of Microsoft Patching this month.  Only four advisories, of which only one is critical.  The sole critical issue this month is the expected Internet Explorer roll up affecting all supported (and likely some unsupported) versions.  This IE roll…

August Patch Tuesday

Microsoft clearly wants everyone to shake off the dog days of summer and pay attention to patching.  This month's advance notice contains nine advisories spanning a range of MSFT products.  We have the ubiquitous Internet Explorer all supported versions patch (MS14-051), with the…

Oracle CPU: July 2014

Oracle's Quarterly Critical Patch Update (CPU) is never a minor event.  In April we saw 104 security issues addressed, in January it was 144.  This time around we are faced with 113 updates.  These updates span the entire portfolio of Oracle software,…

July Patch Tuesday: Adobe Flash steals the show

Microsoft has released the patches and it is a relatively light month.  Six issues in total, 2 Critical, 3 Important, 1 Moderate.  OS administration teams will be busy, application administrators get the month off.One of the critical issues is MS14-037 IE fix.…

Patch Tuesday, June 2014

Patch Tuesday, June 2014 delivers seven advisories, of them, two critical, five important – one of which is the seldom seen “tampering” type.The remarkable item in this month's advisories is MS14-035, the Internet Explorer patch affecting all supported versions.  That in…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Podcast

Security Nation

Security Nation is a podcast dedicated to covering all things infosec – from what's making headlines to practical tips for organizations looking to improve their own security programs. Host Kyle Flaherty has been knee–deep in the security sector for nearly two decades. At Rapid7 he leads a solutions-focused team with the mission of helping security professionals do their jobs.

Listen Now