Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Social Engineering  

7 Funny and Punny Halloween Costume Ideas for Tech and Cybersecurity Pros

Stuck on what to be this year? Here are some of our favorite Halloween costume ideas for tech and cybersecurity professionals.…

Putting Pen (Tests) to Paper: Lessons and Learnings from Rapid7’s Annual Mega-Hackathon

Rapid7's Mega-Hackathon offers a unique chance to go beyond the data and get a feel for what pen testers are like in their natural habitat.…

Phishing Attacks Duping Your Users? Here’s a Better Anti-Phishing Strategy.

You’ve hired the best of the best and put up the right defenses, but one thing keeps slipping in the door: phishing emails. Part of doing business today, unfortunately, is dealing with phishing attacks. Few organizations are immune to phishing anymore; it’s on…

Whiteboard Wednesday: How to Implement A Phishing Awareness Training Plan in 5 Steps

There’s no silver bullet to combating protecting your organization from phishing attacks today. The only comprehensive approach leverages a combination of methods, many of which we’ve covered in parts 1 and 2 of our three-part phishing Whiteboard Wednesday series. Phishing is a human…

Rapid7 InsightPhishing (Beta): Unified phishing simulation, investigation, and analysis

Phishing attacks remain one of the top challenges for SecOps teams. Yes, we all nod when we see the stats that get thrown around, like the ones below. But we also know this because we’ve heard it directly from our customers. Rapid7 has a…

Federal Friday - 6.13.14 - New Group, Same Story

Happy Friday, Federal friends! It's another lovely Fall day here in Beantown but I hope each of you are enjoying your early Summer weather. Some exciting news as Rapid7 was named one of the Top Places to Work by the Boston Business Journal (#11 Mid-size…

Top 4 Takeaways from the "Live Bait: How to Prevent, Detect, and Respond to Phishing Emails" Webcast

In this week's webcast,Lital Asher - Dotan and ckirsch tackled the hot topic, “Live Bait: How to Prevent, Detect, and Respond to Phishing Emails”. Phishing has risen from #9 to #3 in the Verizon Data Breach Investigations Report on the most common…

Federal Friday - 5.30.14 - Social Engineering from the Middle East

Happy Friday, Federal friends. You can tell it's almost Summah up here because it's been 50 and raining this week.So an interesting piece of news from an article on DarkReading this week regarding an ongoing campaign targeting government officials and contractors of both the…

Top 3 Takeaways from "7 Ways to Make Your Penetration Tests More Productive" Webcast

Earlier this week we heard from ckirsch, Senior Product Marketing Manager for Metasploit at Rapid7, on the pressure penetration testers are facing. (Hint: it's a lot!). With the increase in high profile breaches and their costs, more and more emphasis is being put on the…

Rapid7: Coming to a city near you

We're taking this show on the road. Literally. This week our multi-city Rapid7 roadshow event, “Security at the Crossroads,” kicked off in New York and Minneapolis. Industry experts and fellow practitioners – including speakers from Forrester, Cardinal Innovations Healthcare Solutions, Vertex Pharmaceuticals, Porter…

Social Engineering: Would You Fall For This Phone Call?

Cyber criminals don't always need a keyboard to hack into your bank account or company network. In fact, a lot of attacks start with a simple phone call. Typically, the attackers are either trying to get information out of you or to make you do…

Social-Engineer CTF Report Released

For the last five years, the team at Social-Engineer have been bringing one of the most exciting events to DEF CON - the Social Engineering Capture the Flag.  The contest was designed to help bring awareness to the world about how dangerous social engineering…

The Threat Within: RiskRater User Risk Report

Last week, we released the third of three reports from our RiskRater research.The first two reports focused on mobile devices and endpoint devices. The latest report is centered around the risks posed by the one thing that no organization can operate without: Users.With…

Social Media: Vector for the New Economic Attack?

The big news in security this week has been the hijacking of the Associated Press' Twitter account. The attackers leveraged the "bad news" atmosphere created by the events in Boston last week to gain some measure of credibility for a tweet about bombs exploding at…

New Metasploit 4.5: Manage Your Organization's Phishing Exposure

You can now get a better handle on your organization's exposure to phishing attacks: Metasploit Pro now gives you quick insight on risks and advice on how to reduce them. With today's new release version 4.5, Metasploit Pro's social engineering features are no longer…