2分钟
事件
Take Comm和 Summit: Take Breaches from Inevitable to Preventable on May 21
Registration is now open for Take Comm和, a day-long virtual summit in partnership with AWS. 你将获得新的攻击情报, 对人工智能颠覆的洞察, 透明的耐多药耐药性伙伴关系, 和更多的.
2分钟
Rapid7 了解平台 Achieves Level 2 TX-Ramp Authorization
Rapid7's 了解平台 has officially achieved Level 2 Texas Risk 和 Authorization Management Program (TX-RAMP) authorization. This milestone marks a significant step forward in providing our customers peace-of-mind as well as the best end-to-end cloud security solutions.
4分钟
职业发展
Challenges Drive Career Growth: Meet Rudina Tafhasaj
Starting a career for the first time in a new country can be intimidating. 为Rudina Tafhasaj, her path to Senior Application Engineer at Rapid7 was paved with both unique challenges, 以及令人难以置信的回报.
3分钟
紧急威胁响应
XZ Utils后门漏洞(CVE-2024-3094)
在周五, 3月29日, after investigating anomalous behavior in his Debian sid environment, developer Andres Freund contacted an open-source security mailing list to share that he had discovered an upstream backdoor in widely used comm和 line tool XZ Utils (liblzma).
2分钟
研究
Why The External Attack Surface Matters: An analysis into APAC related threat activities
Considerable focus within the cybersecurity industry has been placed on the attack surface of organizations, giving rise to external attack surface management (EASM) technologies as a means to monitor said surface.
9分钟
研究
The Updated APT Playbook: Tales from the Kimsuky threat actor group
Within Rapid7 Labs we continually track 和 monitor threat groups. 作为这个过程的一部分, we routinely identify evolving tactics from threat groups in what is an unceasing game of cat 和 mouse.
2分钟
职业发展
Rapid7’s Ciara Cullinan Recognized as Community Trailblazer in Belfast Awards Program
At the 2024 Women Who Code She Rocks Awards, Rapid7 Software Engineer II Ciara Cullinan was recognized with their ‘Community Trailblazer’ award.
6分钟
7快速提问
7个快速提问#77雷·布尔克
We couldn’t pass up the opportunity to bring 波士顿棕熊 legend Ray Bourque into the herd as we continue to expand our Bruins jersey sponsorship.
19分钟
紧急威胁响应
CVE-2024-27198 和 CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)
Rapid7’s vulnerability research team identified two new vulnerabilities affecting JetBrains TeamCity CI/CD server: CVE-2024-27198 和 CVE-2024-27199, both of which are authentication bypasses.
3分钟
脆弱性管理
High-Risk Vulnerabilities in ConnectWise ScreenConnect
2月19日, 2024 ConnectWise disclosed two vulnerabilities in their ScreenConnect remote access software. Both vulnerabilities affect ScreenConnect 23.9.7点及更早.
3分钟
InsightVM
Explanation of New Authenticated Scanning PCI DSS Requirement 11.3.1.PCI DSS V4中2个.0 和 how InsightVM can help meet the Requirement
As a Certified Qualified Security Assessor (QSA) company 和 a trusted Rapid7 partner, MegaplanIT is committed to guiding organizations through the complexities of compliance 和 security st和ards.
7分钟
事件响应
RCE到silver:来自战场的IR故事
Rapid7 事件响应 was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source of multiple malware executions.
3分钟
职业发展
Paving a Path to Systems Administration: Naeem Jones’ Journey with Rapid7
Prior to becoming a Systems Administrator at Rapid7, Naeem Jones entered his career in cybersecurity through the 黑客. 多样性计划. 黑客.
2分钟
紧急威胁响应
Critical Fortinet FortiOS CVE-2024-21762 Exploited
CVE-2024-21762 is a critical out-of-bounds write vulnerability in Fortinet's FortiOS operating system that is known to have been exploited in the wild. Fortinet SSL VPN vulnerabilities are frequent targets for state-sponsored 和 other motivated adversaries.
3分钟
Gartner
5 Insights from the Latest Cybersecurity Trends 研究
we’ve singled out five quick insights security professionals 和 stakeholders should consider when looking ahead. These findings are based on Top Trends in Cybersecurity for 2024, 一份来自Gartner®的新研究报告.