Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Phishing  

Compromised Credentials Have a High ROI for Attackers

Given that detecting the use of compromised credentials is at the core of user behavior analytics', and InsightIDR's, focus, I want to explain why compromised credentials are so valuable to attackers. To effectively understand any attacker tools and techniques, we have to put them into…

Catching Stealthy Attackers: Detecting Log Deletion and Brand New Phishing Domains

It should come as no surprise by now that attackers are doing their best ninja impressions when trying to monetize the data on your network, whether it be credit card data, intellectual property, health records, or something else entirely. The longer their presence remains unknown,…

InsightIDR Detects Unknown Spear Phishing Attacks

Phishing continues to be one of the top attack vectors behind breaches, according to the latest Verizon Data Breach Investigations Report. Sending ten phishing emails to an organization yields a 90% chance that company credentials are compromised. Phishing is often the first step in the…

Sometimes the simplest security works the best

The FBI this week posted an alert that showed wire transfer scams bled $2.3 Billion from “business email compromise” from October 2013 through February 2016.  A couple of news outlets picked this up, including Brian Krebs. When I was the head of security at…

The Topology of Malicious Activity on IPv4

by Suchin Gururangan & Bob Rudis At Rapid7, we are committed to engaging in research to help defenders understand, detect and defeat attackers. We conduct internet-scale research to gain insight into the volatile threat landscape and share data with the community via initiatives like Project…

Top 3 Takeaways from the "How to Make your Workplace Cyber-Safe" Webcast

In the first of four Cyber Security Awareness Month webcasts, a panel of security experts, including Bob Lord, CISO in Residence at Rapid7, Ed Adams, President and CEO at Security Innovation, Chris Secrest, Information Security Manager at MetaBank, and Josh Feinblum, VP of Information Security…

Get Off the Hook: Ten Phishing Countermeasures to Protect Your Organization

The Internet is full of articles for how to tell if an email is phishing but there seems to be a lack of concise checklists how to prepare an organization against phishing attacks, so here you go. Because phishing attacks humans and systems alike, the…

[5 Min Demo] Investigate Security Incidents Faster with User Context

Investigating incidents is a tough challenge. It's like solving a 100 piece jigsaw puzzle with a million unarranged pieces on the table. We must first identify what's relevant, and only then start to piece the disparate information together into a coherent picture. This requires a…

Top 3 Takeaways from the "Storming the Breach, Part 1: Initial Infection Vector" Webcast

In the recent Rapid7 webcast, “Storming the Breach, Part 1: Initial Infection Vector”, Incident Response experts Wade Woolwine and Mike Scutt had a technical discussion on investigation methodologies for the 3 most common breach scenarios: spear phishing, browser exploitation, and web server compromise. Their discussion…

Join us at Camp Rapid7: Free Security Learnings All Summer Long

This summer, Rapid7 is hosting a ton of free, educational security content at the Rapid7 Security Summer Camp. Camp Rapid7 is a place where security professionals of all ages (Girls AND Boys Allowed!) can gain knowledge and skill in incident detection and response, cloud security,…

Top 3 Takeaways from the "Getting One Step Ahead of the Attacker: How to Turn the Tables" Webcast

For too long, attackers have been one step (or leaps) ahead of security teams. They study existing security solutions in the market and identify gaps they can use to their advantage. They use attack methods that are low cost and high return like stolen credentials…

Dogfooding at Rapid7: How UserInsight Saved Us from Getting Phished

A lot of companies talk about how they "eat their own dogfood". For those of you unfamiliar with the colloquialism, it means that they use their own products to validate both value and quality. This is a much easier thing to do in…

Phishing: How UserInsight Helps You Get Off The Hook Using Security Analytics

Phishing is one of the primary ways attackers steal credentials. For example, they can set up a fake Outlook Web Access page to harvest Windows domain credentials that enable them to access the network via VPN, to read emails, or to send highly credible phishing…

Federal Friday - 6.13.14 - New Group, Same Story

Happy Friday, Federal friends! It's another lovely Fall day here in Beantown but I hope each of you are enjoying your early Summer weather. Some exciting news as Rapid7 was named one of the Top Places to Work by the Boston Business Journal (#11 Mid-size…

Top 4 Takeaways from the "Live Bait: How to Prevent, Detect, and Respond to Phishing Emails" Webcast

In this week's webcast,Lital Asher - Dotan and ckirsch tackled the hot topic, “Live Bait: How to Prevent, Detect, and Respond to Phishing Emails”. Phishing has risen from #9 to #3 in the Verizon Data Breach Investigations Report on the most common…