
Rapid7 Blog

Recent Posts

Rapid7 Threat Report Meets MITRE ATT&CK: What We Saw in 2019 Q1

The Q1 edition of our Quarterly Threat Report is unique because all investigated incidents have been mapped to the MITRE ATT&CK framework.…

Microsoft Windows RDP Network Level Authentication Bypass (CVE-2019-9510): What You Need to Know

CERT/CC has released an advisory regarding discovered behavior in the Microsoft Windows Remote Desktop Protocol (RDP), which can allow an attacker to bypass the lock screen on some remote sessions.…

Scan Engine Options for InsightVM in AWS: Pre-Authorized AMI vs. Manual Install

In this blog, we’re going to go over installing the InsightVM Scan Engine in an AWS environment without using the Pre-Authorized Scan Engine AMI.…

Why Deploying a SIEM Tool Doesn't Need to Be Complicated: A Pirate Story

Ahoy! In this Blackbeard-inspired blog, we will tell ye’ a tale of navigating your SS SIEM, InsightIDR, through the unpredictable waters of cybersecurity to reach Remediation Island.…

Metasploit Wrap-Up

Unauthenticated scanner for BlueKeep, community hackathon in Austin, and the usual long list of fixes and enhancements.…

Hidden Helpers: Security-Focused HTTP Headers

This blog includes real-world scenarios in which attackers can manipulate unsecured HTTP headers and how to prevent your organization from falling victim.…

Why Patch Management Is Crucial for Securing Your Organization

With the deluge of assets flooding corporate networks, organizations need to have a solid patch management strategy in place.…

Rapid7 Quarterly Threat Report: 2019 Q1

In our recent Quarterly Threat Report, we look at commonly targeted industries, the use of remote entry, and the most common phishing sites by industry.…

Metasploit Wrap-Up

BSD love: Outside of macOS, not many people run (or run into) a BSD-flavored system very often. Even still, bcoles and space-r7 teamed up for a pair of BSD enhancements. The first, a privilege escalation, affects FreeBSD's runtime linker dealing with LD_PRELOAD in FreeBSD…

SIEM Delivery Models: Where Do Today’s Risks and Future Technology Lead Us?

Recently, we partnered with Ultimate IT Security to discuss the current and future state of SIEM technology, and how it’s evolving to address current risks.…

Investigating the Plumbing of the IoT Ecosystem (R7-2018-65, R7-2019-07) (FIXED)

Two vulnerabilities have been disclosed for Eaton's Home Lighting HALO Home Smart Lighting System and BlueCats' AA Beacon.…

Metasploit Wrap-Up

Take a moment from this week's barrage of vulnerabilities in seemingly everything to see the cool stuff happening with the Metasploit team of contributors: a video interview between two greats, a new exploit module in GetSimple CMS, and a whole host of improvements.…

The Last Chip

You can learn a lot about an organization—and its leadership team—by eating chips at the airport waiting for a delayed flight.…

How SOAR Is Disrupting Traditional Vulnerability Management

In a recent episode of Whiteboard Wednesday, we dive into how security orchestration, automation, and response (SOAR) is changing traditional vulnerability management.…

Patch Tuesday - May 2019

Hot on the heels of several Apple security advisories on Monday, May's Patch Tuesday sees Microsoft fix nearly 80 vulnerabilities across their product line, some of them very serious indeed, and Adobe address over 80 in Acrobat Reader alone. A fix for a critical remote…