6 min
Research
For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy
When it comes to the state of patching for recent Exchange Server vulnerabilities, the picture is more incomplete than you'd think.
5 min
Research
Microsoft Exchange 2010 End of Support and Overall Patching Study
Today's topic is Exchange 2010, which reaches end of support (EoS) on Oct. 13, 2020, as well as a survey of other versions of Exchange and how well they are being kept up-to-date.
7 min
Microsoft
Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)
As of March 24, there were over 350,000 Microsoft Exchange servers exposing a version of the software with a vulnerability.
5 min
Research
DOUBLEPULSAR over RDP: Baselining Badness on the Internet
How many internet-accessible RDP services have the DOPU implant installed? How much DOPU-over-RDP traffic do we see being sprayed across the internet?
4 min
Honeypots
Apache Struts Vulnerability (CVE-2017-5638) Exploit Traffic
UPDATE - March 10th, 2017: Rapid7 added a check that works in conjunction with
Nexpose's web spider functionality. This check will be performed against any
URIs discovered with the suffix “.action” (the default configuration for Apache
Struts apps). To learn more about using this check, read this post
[https://www.rapid7.com/blog/post/2017/03/15/using-web-spider-to-detect-vulnerable-apache-struts-apps-cve-2017-5638/].
UPDATE - March 9th, 2017: Scan your network for this vulnerability
[https://
6 min
Rapid7 Perspective
Conflicting perspectives on the TLS 1.3 Draft
In the security industry, as in much of life, a problem we often face is that of
balance. We are challenged with finding the balance between an organization's
operational needs and the level of security that can be implemented. In many
situations an acceptable, if less than optimal, solution can be found but there
are cases where this balance cannot be achieved. I recently saw a case of this
[https://mailarchive.ietf.org/arch/msg/tls/KQIyNhPk8K6jOoe2ScdPZ8E08RE/] on the
mailing list of the IETF
5 min
CIS Controls
Using CIS Controls To Stop Your Network From Falling in With the Wrong Crowd
Earlier this month Kyle Flaherty wrote a post
[https://www.rapid7.com/blog/post/2016/10/06/rapid7-on-top-in-sans-critical-security-controls/]
on the Rapid7 Community Blog about how Rapid7 came out on top for coverage of
the Center for Internet Security (CIS) Top 20 Security Controls
[https://www.cisecurity.org/controls]. In light of recent DDoS events I'd like
to take a little time to discuss at a high level what the controls are, how they
would help, and what organizations can do to improve th
9 min
Project Sonar
Project Sonar Study of LDAP on the Internet
The topic of today's post is a Rapid7 Project Sonar
[https://sonar.labs.rapid7.com/] study of publicly accessible LDAP services on
the Internet. This research effort was started in July of this year and various
portions of it continue today. In light of the Shadowserver Foundation's
recent announcement [https://ldapscan.shadowserver.org/] regarding the
availability of relevant reports we thought it would be a good time to make some of
our results public. The study was originally intended to be a