Rapid7 Blog

Tod Beardsley  

AUTHOR STATS:

244

Meltdown and Spectre: What you need to know (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)

After waking up from a long winter’s nap, you may have heard the lamentations about the “Intel Kernel Leak” vulnerability, or the “Kernel Speculative Execution” vulnerability, or, now, the “Meltdown and Spectre” vulnerabilities. This is a quick post to let you know just how…

HaXmas: The True Meaning(s) of Metasploit

Rapid7 Research Director Tod Beardsley kicks off our storied "12 Days of HaXmas" series with a thrilling tale of browser 0day, exploit module development, and the true meaning(s) of Metasploit.…

On the Zero-eth Day of HaXmas...

I suppose it’s only fitting that this year, we introduce our storied 12 Days of HaXmas on the zero-eth day. Technically, Twelvetide doesn’t start until December 25th. This year, we’re focusing on the security events that grabbed our attention, metrics that piqued…

R7-2017-25: Cambium ePMP and cnPilot Multiple Vulnerabilities

Summary of Issues Multiple vulnerabilities in Cambium Networks’ ePMP and cnPilot product lines were discovered by independent researcher Karn Ganeshen, which have, in turn, been addressed by the vendor. The affected devices are in use all over the world to provide wireless network connectivity in…

Attention Humans: The ROBOT Attack

What’s the ROBOT Attack? On the afternoon of December 12, researchers Hanno Böck, Juraj Somorovskym and Craig Young published a paper, website, testing tool, and CTF at robotattack.org detailing a padding oracle attack that affects the way cryptography is handled on secure websites.…

CVE-2017-16943: Exim BDAT Use-After-Free

Exim BDAT Use-After-Free (CVE-2017-16943): What You Need To Know Turns out, the Exim Internet Mailer team was busy over the Thanksgiving holiday, after security researcher “meh” reported a pair of vulnerabilities in the wildly popular open source email server. The first, a critical remote execution…

5 Tips for a Cyber Holiday Season

Five tips on how to approach security this holiday season with family and friends…

NCSAM Security Crash Diet: Wrap-up

Wow, it’s November 7 already, and I still have all my National Cyber Security Awareness Month decorations up! I really need to take care of those. But, before I get to taking down all my 2FA authentication token lawn decorations, I figured it’d…

NCSAM: How Hackable Are You?

Rapid7 partnered with The Today Show to offer a fun, fast self-assessment quiz to determine individual cybersecurity risk levels. How hackable are you?…

No-Priority, Post-Auth Vulnerabilities

In the course of collecting and disclosing vulnerabilities, I occasionally come across an issue that walks like a vuln, quacks like a vuln, but… it’s not exactly a vuln. As per our usual vulnerability disclosure process, we still report these issues to vendors. The…

NCSAM: A Personal Security Crash Diet

We're kicking of National Cyber Security Awareness Month by getting a Rapid7 employee to test out the practicality of common security advice. Follow along throughout October.…

Apache Struts S2-052 (CVE-2017-9805): What You Need To Know

Apache Struts, Again? What’s Going On? Yesterday’s Apache Struts vulnerability announcement describes an XML Deserialization issue in the popular Java framework for web applications. Deserialization of untrusted user input, also known as CWE-502, is a somewhat well-known vulnerability pattern, and I would expect…

You've Got 0-Day!

Hey all, it feels like it's been forever since I wrote a blog post that wasn't about some specific disaster currently consuming the Internet, so I just wanted to drop a note here about how I'll be speaking at UNITED 2017, Rapid7's annual security summit…

Petya-like Ransomware Explained

TL;DR summary (7:40 PM EDT June 28): A major ransomware attack started in Ukraine yesterday and has spread around the world. The ransomware, which was initially thought to be a modified Petya variant, encrypts files on infected machines and uses multiple mechanisms to…

R7-2017-06 | CVE-2017-5241: Biscom SFT XSS (FIXED)

Summary The Workspaces component of Biscom Secure File Transfer (SFT) version 5.1.1015 is vulnerable to stored cross-site scripting in two fields. An attacker would need to have the ability to create a Workspace and entice a victim to visit the malicious page in…

Featured Research

National Exposure Index 2017

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Podcast

Security Nation

Security Nation is a podcast dedicated to covering all things infosec – from what's making headlines to practical tips for organizations looking to improve their own security programs. Host Kyle Flaherty has been knee–deep in the security sector for nearly two decades. At Rapid7 he leads a solutions-focused team with the mission of helping security professionals do their jobs.

Listen Now