2 min
Awards
Excellence in Leadership: CRN Recognizes Alex Page Among Its 2025 Channel Chiefs
For the third consecutive year, Rapid7’s Alex Page has been honored as a CRN Channel Chief, a testament to his unwavering commitment to driving growth, fostering innovation, and strengthening our global channel partnerships.
3 min
Metasploit
Metasploit Weekly Wrap-Up 01/31/25
ESC4 Detection
This week, Metasploit’s jheysel-r7 updated the
existing ldap_esc_vulnerable_cert_finder module to include detecting template
objects that can be written to by the authenticated user. This means the module
can now identify instances of ESC4 from the perspective of the account that the
Metasploit operator provided the credentials for. Metasploit has been capable of
exploiting ESC4 for some time, but required users to know which certificate
templates t
4 min
Career Development
Paying It Forward: Giving and Receiving Mentorship in Tech
This post was adapted from the Northern Ireland Developer Conference 2024 talk of the same name.
5 min
Ransomware
The 2024 Ransomware Landscape: Looking back on another painful year
In this post, we’ll examine the latest data points, discuss notable groups, and estimate the potential impact on victims — helping security teams plan their defenses for the months ahead.
2 min
Metasploit
Metasploit Weekly Wrap-Up 01/24/2025
LibreNMS Authenticated RCE module and ESC15 improvements
This week the Metasploit Framework was blessed with an authenticated RCE module
in LibreNMS, an autodiscovering PHP/MySQL-based network monitoring system. An
authenticated attacker can create dangerous directory names on the system and
alter sensitive configuration parameters through the web portal. These two
defects combined to allow arbitrary OS commands inside shell_exec() calls, thus
achieving arbitrary code execution.
Additionally, i
4 min
Exposure Management
The Vulnerability Vortex: Escaping the Whirlpool of Ineffective Security
In today's interconnected digital landscape, organizations find themselves caught in a relentless torrent of security alerts and vulnerability notifications.
1 min
Surface Command
Key Takeaways: Mastering Risk Prioritization with Rapid7 Surface Command
In our recent webinar, Cheney Edwards, Senior Security Solutions Engineer at Rapid7, shares actionable techniques to cut through noise, prioritize effectively, and command your attack surface.
2 min
Metasploit
Metasploit Wrap-Up 01/17/2025
Three new Metasploit exploit modules released, including a module targeting Cleo File Transfer Software (CVE-2024-55956)
9 min
Research
Perfect Fit or Business Threat? How to Mitigate the Risk of Rogue Employees
Recruitment fraud is an expensive and time-consuming threat to business. The risk of malware deployment and data exfiltration is high from threat actors trained to bypass each stage of a typical recruitment process. This blog outlines how an organization can secure the hiring process weak points.
4 min
Emergent Threat Response
Fortinet Firewalls Hit with New Zero-Day Attack, Older Data Leak
Rapid7 is responding to two separate events affecting Fortinet firewall customers: Zero-day exploitation of CVE-2024-55591 in FortiOS, and a large-scale data leak of older FortiGate firewall IPs, passwords, and configs.
14 min
Patch Tuesday
Patch Tuesday - January 2025
Eight 0-days. Access: triple zero-day RCE; Hyper-V NT Kernel Integration VSP: triple zero-day EoP; Windows Themes: zero-day NTLM disclosure; Windows Installer: zero-day EoP; PGM: critical RCE; OLE: critical RCE.
3 min
Metasploit
Metasploit Wrap-Up 01/10/2025
New module content (5)
OneDev Unauthenticated Arbitrary File Read
Authors: Siebene and vultza
Type: Auxiliary
Pull request: #19614
contributed by vultza
Path: gather/onedev_arbitrary_file_read
AttackerKB reference: CVE-2024-45309
Description: This adds an exploit module for an unauthenticated arbitrary file
read vulnerability, tracked as CVE-202
2 min
Security Operations (SOC)
Securing Success: Stories from the SOC Webinar Series
Cyberattacks are evolving, threat volumes are skyrocketing, and attackers are exploiting vulnerabilities faster than ever. To navigate these challenges, Rapid7 has launched the "Securing Success: Stories from the SOC" webinar series.
2 min
Artificial Intelligence
Unlocking the Power of AI in Cybersecurity: Key Takeaways from Our Latest Webinar
In our recent webinar, "Enhancing MDR with AI: Real-World Use Cases & Security Insights," cybersecurity and AI experts shared their perspectives on how advancements in artificial intelligence are reshaping security operations.
2 min
Career Development
Built In Honors Rapid7 with “2025 Best Places To Work” Award
3 Rapid7 Offices Included in Built In’s “Best Places to Work” Lists.