Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Research  

This One Time on a Pen Test: Ain’t No Fence High Enough

In this edition of "This One Time on a Pen Test," we discuss an engagement with for an energy company with a high-fence compound.…

Rapid7 Releases Q2 2020 Quarterly Threat Report

It’s hard to believe it’s already the end of September, and with it comes Rapid7’s Q2 2020 Quarterly Threat Report.…

NICER Protocol Deep Dive: Internet Exposure of SMB

In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at internet exposure of SMB.…

NICER Protocol Deep Dive: Internet Exposure of FTP

In this installment of the NICER Protocol Deep Dive blog series, we cover internet exposure of FTP.…

Ask a Pen Tester, Part 2: A Q&A With Rapid7 Pen Testers Gisela Hinojosa and Carlota Bindner

Rapid7 pen testers Gisela Hinojosa and Carlota Bindner are back to answer another round of questions about the mysterious art of penetration testing…

NICER Protocol Deep Dive: Secure Shell (SSH)

In the second installment of our NICER Protocol Deep Dive blog series, we cover Secure Shell (SSH).…

Rapid7 Releases 2020 Under the Hoodie Report: Lessons Learned from a Year of Penetration Tests

Rapid7 recently released its 2020 Under the Hoodie report, detailing the ins and outs of penetration testing.…

NICER Protocol Deep Dive: Internet Exposure of Telnet Services

In the first installment of our NICER Protocol Deep Dive blog series, we cover internet exposure of Telnet services.…

Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 2 Sessions

Our Rapid7 experts attended another day of incredible talks, and have plenty of key takeaways and insights to share about their Virtual Vegas sessions.…

Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 1 Sessions

Even from home, it can be tough to catch what you want to see at Black Hat, so we had our experts do the work for you as part of our Virtual Vegas event.…

Remote Code Execution Risks in Secomea, Moxa, and HMS eWon ICS VPN Vulnerabilities: What You Need to Know

On Wednesday, July 28, 2020, researchers at Claroty released information on a number of critical remote code execution vulnerabilities across products of three industrial control system (ICS) vendors’ — HMS, Secomea, and Moxa — remote access technologies.…

CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability: What You Need to Know

On July 22, Cisco released a patch for a high-severity read-only patch traversal vulnerability in its Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products.…

Rapid7 Releases 2020 National / Industry / Cloud Exposure Report (NICER)

Rapid7 has just released the 2020 National / Internet / Cloud Exposure Report, affectionately called the NICER report.…

CVE-2020-2021 Authentication Bypass in PAN-OS Security Assertion Markup Language (SAML) Authentication Disclosed

On Monday, June 29, 2020, Palo Alto released details on CVE-2020-2021 a new, critical weakness in SAML authentication on PAN-OS devices.…

Building a Printed Circuit Board Probe Testing Jig

In this blog, we discuss how to build a printed circuit board (PCB) probe testing jig.…

Never miss a blog

Get the latest stories, expertise, and news about security today.