Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Research  

R7-2018-15 | CVE-2018-5553: Crestron DGE-100 Console Command Injection (FIXED)

This post describes CVE-2018-5553, a vulnerability in the Crestron Console service that is preinstalled on the DGE-100. Due to a lack of input sanitization, this service is vulnerable to command injection that can be used to gain root-level access. DGE-100 devices running firmware versions 1.…

2018 National Exposure Index Research Report: Internet Security Posture by Country

Today, I’m happy to announce that Rapid7 has released our third annual National Exposure Index (NEI), a state of the internet report focusing on where in the world the most exposure is presented on the internet. I’m pretty pleased with how this year’…

Whiteboard Wednesday: Your 6-Minute Recap of Q1 2018’s Threat Landscape

Gotten a chance to read Rapid7’s Quarterly Threat Report for 2018 Q1? If not (or if you’re more of an auditory learner), we’ve put together a 6-minute recap video of the major findings. In our Quarterly Threat Reports, our security researchers provide…

Rapid7 Quarterly Threat Report: 2018 Q1

Spring is here, and along with the flowers and the birds, the pollen and the never-ending allergies, we bring you 2018’s first Quarterly Threat Report! For the year’s inaugural report, we pulled an additional data set: significant events. While we like to look…

Password Tips From a Pen Tester: 3 Passwords to Eliminate

Every week, Rapid7 conducts penetration testing services for organizations that cracks hundreds—and sometimes thousands—of passwords. Our current password trove has more than 500,000 unique passwords that have been collected over the past two years. Where do these come from? Some of them…

Off the Chain! A Research Paper Observing Bitcoin Nodes on the Public Internet

Over the last several years, blockchain-based technologies have exploded in growth. Lately it seems like blockchains are turning up everywhere, from chicken management systems to the next hot cryptocurrency. Waves of new companies, products and applications exist, often in the form of just wedging a…

An Impressively Unprecedented Drop in Open memcached Services

(Many thanks to Jon Hart and Tom Sellers for their research and content for this blog post.) We started performing weekly monitoring of open/amplification-vulnerable memcached servers after the recent memcrashed amplification distributed denial-of-service (DDoS) attack and today we have some truly awesome news to…

R7-2017-27 | CVE-2017-8987: HPE iLO3 Unauthenticated Remote DoS (FIXED)

This post describes CVE-2017-8987, an unauthenticated remote Denial of Service vulnerability in HPE iLO3 firmware version 1.88. This vulnerability can be exploited by several HTTP methods; once triggered, it lasts for approximately 10 minutes until the watchdog service performs a restart of the iLO3…

The Flip Side of memcrashed

Rapid7 Labs keeps a keen eye on research and findings from other savvy security and technology organizations and noticed Cloudflare’s report on new distributed denial of service (DDoS) amplification attacks using memcached. If you haven’t read Cloudflare’s (excellent) analysis yet, the TLDR…

Smart Sensors: Our Bold New World

Over the last several months I have been surveying our bold new world of smart sensor technology. It is absolutely amazing how advances in this area over the last decade have led to technology that affects our day-to-day lives on a large scale. For example:…

The Ghost of a Botnet (Possibly) Past

For a week and a half in April, Rapid7 Labs observed a botnet with 18,000 distinct IPs marauding across the public internet. Then it disappeared, only to resurface again later. Join us as we tell the HaXmas tale of the ghost of a botnet past!…

Yankee Swapped: MQTT Primer, Exposure, Exploitation, and Exploration

This HaXmas, Rapid7's Jon Hart Yankee swaps readers a few minutes' attention for a festive look at MQTT exposure on the public IPv4 internet (and an exploitation module!).…

Building a Backpack Hypervisor

Researcher, engineer, and Metasploit contributor Brendan Watters shares his experience building a backpack-size hypervisor.…

Multiple vulnerabilities in Wink and Insteon smart home systems

Today we are announcing four issues affecting two popular home automation solutions: Wink's Hub 2 and Insteon's Hub. Neither vendor stored sensitive credentials securely on their associated Android apps. In addition, the Wink cloud-based management API does not properly expire and revoke authentication tokens, and…

Cisco Smart Install Exposure

Cisco Smart Install (SMI) provides configuration and image management capabilities for Cisco switches. Cisco’s SMI documentation goes into more detail than we’ll be touching on in this post, but the short version is that SMI leverages a combination of DHCP, TFTP and a…

Featured Research

National Exposure Index 2018

The National Exposure Index is an exploration of data derived from Project Sonar, Rapid7's security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys.

Learn More

Toolkit

Make Your SIEM Project a Success with Rapid7

In this toolkit, get access to Gartner's report “Overcoming Common Causes for SIEM Solution Deployment Failures,” which details why organizations are struggling to unify their data and find answers from it. Also get the Rapid7 companion guide with helpful recommendations on approaching your SIEM needs.

Download Now

Featured Research

Quarterly Threat Report

Rapid7’s Quarterly Threat Report leverages intelligence from our extensive network—including the Insight platform, managed detection and response engagements, Project Sonar, Heisenberg Cloud, and the Metasploit community—to put today’s shifting threat landscape into perspective. It gives you a clear picture of the threats that you face within your unique industry, and how those threats change throughout the year.

Learn More