Dispelling Zoom Bugbears: What You Need to Know About the Latest Zoom Vulnerabilities
In this blog, we break down what you need to know about the recent Zoom security issues and its vulnerability remediation process.…
Working from Home? Wi-Fi Security and Tips and Tricks
I jotted down some Wi-Fi security and management tips for my friends and colleagues who might not have paid much attention to their home networking.…
Rapid7 2020 Threat Report: Exposing Common Attacker Trends
In this blog, we break-down the three key sections of the newly-released Rapid7 2020 Threat Report.…
R7-2019-40: Bloomsky SKY2 Weather Camera Station Data Authenticity and Exposure Vulnerabilities
Multiple information leak vulnerabilities are present in the Bloomsky SKY2 network, obtainable via JSON queries.…
Election Security: What You Need to Know
In this blog, we break down everything you need to know about the collection of security challenges throughout elections.…
IoT Vuln Disclosure: Children's GPS Smart Watches (R7-2019-57)
In a recent IoT hacking training exercise, Rapid7 penetration testers set out to find vulnerabilities in a number of children's GPS-enabled smart watches.…
Rapid7 Introduces Industry Cyber-Exposure Report: Deutsche Börse Prime Standard 320
Today, Rapid7 released our fifth Industry Cyber-Exposure Report (ICER) examining the overall exposure of the companies listed in the Deutsche Börse Prime Standard index.…
R7-2019-32: Denial-of-Service Vulnerabilities in Beckhoff TwinCAT PLC Environment
Rapid7 researcher Andreas Galauner has discovered two vulnerabilities affecting the TwinCAT PLC environment.…
Rapid7 Introduces Industry Cyber-Exposure Report: Nikkei 225
Today, Rapid7 released our fourth Industry Cyber-Exposure Report (ICER) examining the overall exposure of the companies listed in the Nikkei 225 index.…
Black Hat, DEF CON, and BSides 2019: Highlights and Emerging Industry Trends
As Hacker Summer Camp comes to a close, we sat down with a few friends in the security space to discuss the major highlights from Black Hat, DEF CON, and BSides .…
R7-2019-18: Multiple Hickory Smart Lock Vulnerabilities
The Hickory Smart BlueTooth Enabled Deadbolt IoT ecosystem (which includes mobile applications as well as a cloud-hosted web and MQTT infrastructure) has several vulnerabilities.…
[Research] Under the Hoodie, 2019 Edition: Lessons Learned from 180 Penetration Tests
Our 2019 Under the Hoodie report covers the measurable results of about 180 penetration tests conducted by Rapid7. Find out what we learned.…
Zoom Video Snooping Security Flaw (CVE-2019-13450): What You Need to Know
Here's what you need to know about the recent Zoom vulnerability disclosure.…
Metasploit Development Diaries: Q2 2019
Hey folks, it's towards the end of the second quarter, which means it's high time for another Metasploit Dev Diary! If you already know what this series is about, feel free to just click on over here and read away. If you need more convincing,…
Investigating the Plumbing of the IoT Ecosystem (R7-2018-65, R7-2019-07) (FIXED)
Two vulnerabilities have been disclosed for Eaton's Home Lighting HALO Home Smart Lighting System and BlueCats' AA Beacon.…
