2 min
Research
Why The External Attack Surface Matters: An analysis into APAC related threat activities
Considerable focus within the cybersecurity industry has been placed on the attack surface of organizations, giving rise to external attack surface management (EASM) technologies as a means to monitor said surface.
9 min
Research
The Updated APT Playbook: Tales from the Kimsuky threat actor group
Within Rapid7 Labs we continually track and monitor threat groups. As part of this process, we routinely identify evolving tactics from threat groups in what is an unceasing game of cat and mouse.
2 min
Career Development
Rapid7’s Ciara Cullinan Recognized as Community Trailblazer in Belfast Awards Program
At the 2024 Women Who Code She Rocks Awards, Rapid7 Software Engineer II Ciara Cullinan was recognized with their ‘Community Trailblazer’ award.
6 min
7 Rapid Questions
7 Rapid Questions with #77 Ray Bourque
We couldn’t pass up the opportunity to bring Boston Bruins legend Ray Bourque into the herd as we continue to expand our Bruins jersey sponsorship.
19 min
Emergent Threat Response
CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)
Rapid7’s vulnerability research team identified two new vulnerabilities affecting JetBrains TeamCity CI/CD server: CVE-2024-27198 and CVE-2024-27199, both of which are authentication bypasses.
3 min
Vulnerability Management
High-Risk Vulnerabilities in ConnectWise ScreenConnect
On February 19, 2024 ConnectWise disclosed two vulnerabilities in their ScreenConnect remote access software. Both vulnerabilities affect ScreenConnect 23.9.7 and earlier.
3 min
InsightVM
Explanation of New Authenticated Scanning PCI DSS Requirement 11.3.1.2 in PCI DSS V4.0 and how InsightVM can help meet the Requirement
As a Certified Qualified Security Assessor (QSA) company and a trusted Rapid7 partner, MegaplanIT is committed to guiding organizations through the complexities of compliance and security standards.
7 min
Incident Response
RCE to Sliver: IR Tales from the Field
Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source of multiple malware executions.
3 min
Career Development
Paving a Path to Systems Administration: Naeem Jones’ Journey with Rapid7
Prior to becoming a Systems Administrator at Rapid7, Naeem Jones entered his career in cybersecurity through the Hack. Diversity program. Hack.
2 min
Emergent Threat Response
Critical Fortinet FortiOS CVE-2024-21762 Exploited
CVE-2024-21762 is a critical out-of-bounds write vulnerability in Fortinet's FortiOS operating system that is known to have been exploited in the wild. Fortinet SSL VPN vulnerabilities are frequent targets for state-sponsored and other motivated adversaries.
3 min
Gartner
5 Insights from the Latest Cybersecurity Trends Research
we’ve singled out five quick insights security professionals and stakeholders should consider when looking ahead. These findings are based on Top Trends in Cybersecurity for 2024, a new research report from Gartner®.
1 min
Awards
Celebrating Excellence: Alex Page Recognized As a CRN 2024 Channel Chief
Congratulations to Rapid7’s Vice President of Global Channel Sales, Alex Page, who is named among the newly-announced CRN 2024 Channel Chiefs!
7 min
Career Development
Rapid7 in Prague: Pete Rubio Shares Insights and Excitement for the New Office
Pete Rubio is the Senior Vice President, Platform & Engineering. Here he discusses the company's newest office in Prague, Czech Republic.
3 min
Security Operations (SOC)
Building the Best SOC Takes Strategic Thinking
So your security team is ready to scale up its security operations center, or
SOC, to better meet the security needs of your organization. That’s great news.
But there are some very important strategic questions that need to be answered
if you want to build the most effective SOC you can and avoid some of the most
common pitfalls teams of any size can encounter.
The Gartner® report SOC Model Guide,
[http://zpy.aprender-a-bailar.com/info/soc-model-guide/] is an excellent resource for
understanding how to
3 min
Emergent Threat Response
Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server
Rapid7 is highlighting two critical vulnerabilities in outdated versions of
widely deployed software this week. Atlassian disclosed
[http://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html]
CVE-2023-22527, a template injection vulnerability in Confluence Server with a
maxed-out CVSS score of 10, while VMware pushed a fresh update to its October
2023 vCenter Server advisory
[http://www.vmwar