Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Recent Posts

Patch Tuesday - February 2020

A relatively modest 99-vulnerability February Patch Tuesday has arrived with a fix for the Internet Explorer 0-day CVE-2020-0674 (originally ADV200001) announced back on January 17.  Fortunately, that is the only vulnerability reported this month that has been seen actively exploited in the wild.  Our usual…

Intro to the SOC Visibility Triad

In this blog, we break-down the three pillars of the Security Operations Center (SOC) Visibility Triad.…

Rapid7 Analysis and Guidance: CDPwn (CVE-2020-3118)

This blog focuses on CVE-2020-3118, which Rapid7 considers to be the most severe and important of the CDPwn vulnerability group.…

Metasploit Wrap-up

In the week after our CTF, we hope the players had a good time and got back to their loved ones, jobs, lives, studies, and most importantly, back to their beds (and you can find out who the winners were here!). For the Metasploit team,…

InsightConnect Customer Hendrick Automotive Group Benefits from Integrations and Alert Triggers

We spoke with Hendrick Automotive Group’s director of information security about his experience with InsightConnect and its connection to InsightIDR.…

3 Questions to Ask Yourself When Justifying Your Infosec Program

In this blog post, we propose a framework by which most organizations can understand, evaluate, roadmap, and execute on their security programs.…

How to Identify, Prioritize and Remediate Vulnerabilities in the Cloud

In part two of our series on security in the cloud, we’ll discuss how to detect, prioritize, and remediate vulnerabilities that you find in your cloud environment.…

DOUBLEPULSAR over RDP: Baselining Badness on the Internet

How many internet-accessible RDP services have the DOPU implant installed? How much DOPU-over-RDP traffic do we see being sprayed across the internet?…

DOUBLEPULSAR RCE 2: An RDP Story

In this sequel, wvu recounts the R&D (in all its imperfect glory) behind creating a Metasploit module for the DOUBLEPULSAR implant's lesser-known RDP variant. If you're unfamiliar with the more common SMB variant, you can read our blog post detailing how we achieved…

Congrats to the winners of the 2020 Metasploit community CTF

After four days of competition and a whole lot of “trying harder,” we have the winners of this year's Metasploit community CTF. We've included some high-level stats from the game below; check out the scoreboard here. If you played the CTF and want to let…

What You Need to Know to Get Started in the Penetration Testing Field

In this blog, we sat down with our own penetration testers to answer some of your questions to help get you started in the field.…

Metasploit Team Announces Beta Sign-Up for AttackerKB

AttackerKB is a knowledge base of vulnerabilities and informed opinions on what makes them valuable (or not) targets for exploitation.…

Metasploit Wrap-Up

Happy CTF week, folks! If you haven't already been following along with (or competing in) Metasploit's global community CTF, it started yesterday and runs through Monday morning U.S. Eastern Time. Registration has been full for a while, but you can join the #metasploit-ctf channel…

How to Measure the ROI of Your Vulnerability Risk Management Solution

In this blog, we discuss the eight key criteria you should consider when picking and measuring the efficacy of a vulnerability management solution.…

How the Innocent Lives Foundation Uses OSINT to Uncover Online Predators

In the latest Security Nation, we spoke with Chris Hadnagy about the Innocent Lives Foundation, and its work catching perpetrators of child pornography.…