4 min
Rapid7 Culture
Rapid7 Sales Director Devin Poulter On Building a Career as an Account Executive
Devin Poulter is a Sales Director with over 20 years of experience in the tech industry. Recently, we spoke with him about building a career in tech sales.
2 min
Rapid7 Culture
Rapid7 Data Engineers Inspire Future Tech Talent at Summer Search Career Fest
Earlier this month, Rapid7 data engineers had the honor of being panelists at the Summer Search Career Fest.
2 min
Emergent Threat Response
Widespread Exploitation of Zyxel Network Devices
Rapid7 is tracking reports of ongoing exploitation of CVE-2023-28771, a critical unauthenticated command injection vulnerability affecting multiple Zyxel networking devices.
6 min
Metasploit
Fetch Payloads: A Shorter Path from Command Injection to Metasploit Session
Rapid7 is pleased to announce the availability of Metasploit fetch payloads, which increase efficiency and user control over the commands executed.
3 min
Managed Detection and Response (MDR)
Healthcare Orgs: Do You Need an Outsourced SOC?
Learn how your healthcare organization can benefit from cybersecurity managed services and an outsourced SOC.
2 min
DFIR
VeloCON 2023: Submissions Wanted!
Our 2nd annual VeloCON virtual summit will be held this September, and the call for presentations closes Monday, July 17, 2023.
2 min
Cloud Security
Casting a Light on Shadow IT in Cloud Environments
Shadow IT typically refers to the use of consumer apps or services without explicit IT approval. However, it can also occur at a cloud infrastructure level.
2 min
Metasploit
Metasploit Weekly Wrap-Up
Fetch Based Payloads: Making the Path from Command Injection to Metasploit
Session Shorter
This week we’re releasing Metasploit fetch payloads. Fetch payloads are
command-based payloads that leverage network-enabled applications on remote
hosts and different protocol servers to serve, download, and execute binary
payloads. Over the last year, two thirds of the exploit modules landed to
Metasploit Framework were command injection exploits. These exploits will be
much easier to write with our new
3 min
InsightCloudSec
Introducing: ‘Saved Filters’ in InsightCloudSec
New InsightCloudSec release includes "Saved Filters" capability, which lets users save filter combinations they use regularly.
5 min
Managed Detection and Response (MDR)
Rapid7 Recognized as a Strong Performer in The Forrester Wave™ for MDR, Q2 2023
Rapid7 is proud to be recognized amongst the top 13 vendors, as a Strong Performer, in The Forrester WaveTM: Managed Detection and Response, Q2 2023.
2 min
Emergent Threat Response
CVE-2023-27350: Ongoing Exploitation of PaperCut Remote Code Execution Vulnerability
CVE-2023-27350 is an unauthenticated remote code execution vulnerability in PaperCut MF/NG print management software. A patch is available for this vulnerability and should be applied on an emergency basis.
4 min
Metasploit
Metasploit Wrap-up
New modules for Zyxel Router RCE, Pentaho Business Server Auth Bypass, ManageEngine ADAudit authenticated file write RCE, and HTTPTrace functionality added to scanner modules
1 min
Lost Bots
[The Lost Bots] S03E03. The Rise of The Machines
In this episode of The Lost Bots, Rapid7's Jeffrey Gardner and Stephen Davis discuss the state of AI today and where its going.
9 min
DFIR
The Velociraptor 2023 Annual Community Survey
Rapid7's Velociraptor team distributed our first community survey in early 2023. Here's what we learned!
9 min
Vulnerability Management
Patch Tuesday - May 2023
A relatively light 49 vulnerabilities patched in May 2023, including a new entry method for BlackLotus bootkit malware.