Research  

NICER Protocol Deep Dive: Internet Exposure of Microsoft SQL Server (MS SQL) (UDP/1434)

In this edition of our NICER Protocol Deep Dive blog series, we cover the internet exposure of Microsoft SQL Server.…

Behind the Scenes: Under the Hoodie 2020 Video Series

In this blog, we take you on a behind-the-scenes look at the making of our 2020 Under the Hoodie video series.…

Don’t Put It on the Internet: Tesla Backup Gateway Edition

In this blog, we address Tesla Backup Gateways and identify key areas where Tesla could improve security and privacy to help customers protect themselves.…

NICER Protocol Deep Dive: Internet Exposure of MySQL

In the latest edition of our NICER Protocol Deep Dive blog series, we take a more detailed look at the internet exposure of MySQL.…

This One Time on a Pen Test: How I Hacked a Self-Driving Car

In our latest edition of "This One Time on a Pen Test," we take a deeper look at an engagement involving a self-driving car.…

NICER Protocol Deep Dive: Internet Exposure of Citrix ADC/NetScaler

In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of Citrix ADC/NetScaler.…

The Story Behind Security Breaches

There are many potential causes of security breaches, but what is a common root cause? Human error.…

NICER Protocol Deep Dive: Internet Exposure of Remote Desktop (RDP)

In this edition of our NICER Protocol Deep Dive blog series, we break down the internet exposure of remote desktop (RDP).…

PSA: Increase in RDP Attacks Means It's Time to Mind Your RDPs and Qs

Our research team looks into the increase in RDP attacks against RDP servers without multi-factor authentication enabled and helps organizations strengthen their infrastructure against these attacks.…

This One Time on a Pen Test: Doing Well With XML

In the latest edition of "This One Time on a Pen Test," we discuss a classic web application engagement involving XML.…

NICER Protocol Deep Dive: Internet Exposure of SMTP

In this installment of our NICER Protocol Deep Dive blog series, we discuss internet exposure of SMTP.…

This One Time on a Pen Test: I Know...Everything

In the latest edition of "This One Time on a Pen Test," we follow a Rapid7 penetration tester as they perform an internal network engagement.…

Exploitability Analysis: Smash the Ref Bug Class

Two Metasploit researchers evaluate the "Smash the Ref" win32k bug class for exploitability and practical exploitation use cases for pen testers and red teams looking to obtain an initial foothold in the context of a standard user account.…

Microsoft Exchange 2010 End of Support and Overall Patching Study

Today's topic is Exchange 2010, which reaches end of support (EoS) on Oct. 13, 2020, as well as a survey of other versions of Exchange and how well they are being kept up-to-date.…

NICER Protocol Deep Dive: Internet Exposure of rsync

In this installment of our NICER Protocol Deep Dive blog series, we take a closer look at internet exposure of rsync.…
