
Tod Beardsley  

Director of Research at Rapid7, contributing author of several Rapid7 research papers, CVE Board member, and Metasploit collaborator. https://keybase.io/todb

CVE-2020-7378: OpenCRX Unverified Password Change (FIXED)

OpenCRX version 4.30 and version 5.0-20200717 suffer from an unverified password change vulnerability, which is an instance of CWE-620.…

NICER Protocol Deep Dive: Internet Exposure of Microsoft SQL Server (MS SQL) (UDP/1434)

In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of the Microsoft SQL Server.…

NICER Protocol Deep Dive: Internet Exposure of MySQL

In the latest edition of our NICER Protocol Deep Dive blog series, we take a more detailed look at the internet exposure of MySQL.…

NICER Protocol Deep Dive: Internet Exposure of Citrix ADC/NetScaler

In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of Citrix ADC/NetScaler.…

NICER Protocol Deep Dive: Internet Exposure of Remote Desktop (RDP)

In this edition of our NICER Protocol Deep Dive blog series, we break down the internet exposure of remote desktop (RDP).…

Vulntober: Multiple Mobile Browser Address Bar Spoofing Vulnerabilities

Today, we're announcing a coordinated vulnerability disclosure on a set of address bar spoofing vulnerabilities that affect a number of mobile browsers.…

NICER Protocol Deep Dive: Internet Exposure of IMAP and POP

In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of IMAP and POP.…

NICER Protocol Deep Dive: Internet Exposure of VNC

In this installment of our NICER Protocol Deep Dive blog series, we cover the internet exposure of VNC.…

NICER Protocol Deep Dive: Internet Exposure of SMTP

In this installment of our NICER Protocol Deep Dive blog series, we discuss internet exposure of SMTP.…

NICER Protocol Deep Dive: Internet Exposure of rsync

In this installment of our NICER Protocol Deep Dive blog series, we take a closer look at internet exposure of rsync.…

NICER Protocol Deep Dive: Internet Exposure of SMB

In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at internet exposure of SMB.…

NICER Protocol Deep Dive: Internet Exposure of FTP/S (TCP/990)

In this installment of our NICER Protocol Deep Dive blog series, we take a look at the internet exposure of FTP/S (TCP/990).…

NICER Protocol Deep Dive: Internet Exposure of FTP

In this installment of the NICER Protocol Deep Dive blog series, we cover internet exposure of FTP.…

NICER Protocol Deep Dive: Secure Shell (SSH)

In the second installment of our NICER Protocol Deep Dive blog series, we cover Secure Shell (SSH).…

Rapid7 Releases 2020 Under the Hoodie Report: Lessons Learned from a Year of Penetration Tests

Rapid7 recently released its 2020 Under the Hoodie report, detailing the ins and outs of penetration testing.…
