Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Recent Posts

Cybersecurity Traveling Tips for the Holiday Season

In this blog, we include a slew of tips and best-practices for travelers to implement in order to keep their data and personal information safe.…

Six Things Retailers Can Do to Shore Up Their Security Ahead of Cyber Monday

In this blog, the Rapid7 Labs team breaks down some steps online merchants can take to make sure the shopping experience is as safe and secure as possible.…

Metasploit Wrap-Up

Payload payday As we blogged about yesterday, a new form of payload that is compiled directly from C when generated was added by space-7. We hope this is only the first step in a journey of applying the myriad tools that obfuscate C programs to…

How SMBs Can Decrease Vulnerabilities and Incident Response Time with Automation

In this blog, we discuss how Security Automation can free up time and resources for people to do more valuable, creative work.…

InsightConnect Announces New Plugin for Microsoft Teams

Rapid7 is excited to announce a new plugin between InsightConnect and Microsoft Teams that helps you collaborate, notify, and drive your workflows.…

How Our New Jenkins Integration for InsightAppSec Enables DevSecOps Collaboration

Rapid7 is excited to announce the release of an integration to integrate InsightAppSec within Jenkins to improve release cycles and reduce vulnerabilities.…

Rapid7 Quarterly Threat Report: 2019 Q3

In this blog, we dive into the Rapid7 Quarterly Threat Report for Q3 of 2019 and the MITRE ATT&CK™ framework.…

What It Takes to Successfully Embed Security in Engineering

In this episode of Security Nation, Oliver Day spoke about learning to work with engineering teams on security initiatives, rather than against them.…

Metasploit Wrap-Up

Pulse Secure VPN exploit modules, a notable BlueKeep exploit reliability improvement, and an overhaul of MSF's password cracking integration, including new support for hashcat.…

What Is Texas Senate Bill 820, and How Will It Affect Your School District?

In this post, we share how SB 820 will affect your school and district, and how you can respond by selecting a framework to improve your security program.…

We Don’t Want White Font: Office Macros, Evasion, and Malicious Self-Reference

We identified the use of a document that leverages malformed headers, white fonts, and embedded VBA macros that execute the document’s contents via WScript.…

How to Develop a Common Language for Security Buy-In Across Your Business

In this blog, we break-down what keeps organizations from advancing their security programs, and how businesses can establish security priorities.…

Patch Tuesday - November 2019

November's Patch Tuesday is upon us and, this month, Microsoft addressed 74 vulnerabilities of which one Internet Explorer vulnerability (CVE-2019-1429) has been seen under active exploitation. By prioritizing the released Microsoft Windows and Internet Explorer patches, the door to 58 of the 74 vulnerabilities will…

IoT Security and Risk: What Is It, Where Is It Heading, and How Do We Embrace It?

In this blog, we discuss what security professionals should be doing to secure their IoT devices and where companies often go wrong with IoT security.…