Rapid7的帖子

Take Comm和 Summit: Take Breaches from Inevitable to Preventable on May 21

Registration is now open for Take Comm和, a day-long virtual summit in partnership with AWS. 你将获得新的攻击情报, 对人工智能颠覆的洞察, 透明的耐多药耐药性伙伴关系, 和更多的.

2分钟

Rapid7 了解平台 Achieves Level 2 TX-Ramp Authorization

Rapid7's 了解平台 has officially achieved Level 2 Texas Risk 和 Authorization Management Program (TX-RAMP) authorization. This milestone marks a significant step forward in providing our customers peace-of-mind as well as the best end-to-end cloud security solutions.

4分钟职业发展

Challenges Drive Career Growth: Meet Rudina Tafhasaj

Starting a career for the first time in a new country can be intimidating. 为Rudina Tafhasaj, her path to Senior Application Engineer at Rapid7 was paved with both unique challenges, 以及令人难以置信的回报.

3分钟紧急威胁响应

XZ Utils后门漏洞(CVE-2024-3094)

在周五, 3月29日, after investigating anomalous behavior in his Debian sid environment, developer Andres Freund contacted an open-source security mailing list to share that he had discovered an upstream backdoor in widely used comm和 line tool XZ Utils (liblzma).

2分钟研究

Why The External Attack Surface Matters: An analysis into APAC related threat activities

Considerable focus within the cybersecurity industry has been placed on the attack surface of organizations, giving rise to external attack surface management (EASM) technologies as a means to monitor said surface.

9分钟研究

The Updated APT Playbook: Tales from the Kimsuky threat actor group

Within Rapid7 Labs we continually track 和 monitor threat groups. 作为这个过程的一部分, we routinely identify evolving tactics from threat groups in what is an unceasing game of cat 和 mouse.

2分钟职业发展

Rapid7’s Ciara Cullinan Recognized as Community Trailblazer in Belfast Awards Program

At the 2024 Women Who Code She Rocks Awards, Rapid7 Software Engineer II Ciara Cullinan was recognized with their ‘Community Trailblazer’ award.

6分钟 7快速提问

7个快速提问#77雷·布尔克

We couldn’t pass up the opportunity to bring 波士顿棕熊 legend Ray Bourque into the herd as we continue to expand our Bruins jersey sponsorship.

19分钟紧急威胁响应

CVE-2024-27198 和 CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)

Rapid7’s vulnerability research team identified two new vulnerabilities affecting JetBrains TeamCity CI/CD server: CVE-2024-27198 和 CVE-2024-27199, both of which are authentication bypasses.

3分钟脆弱性管理

High-Risk Vulnerabilities in ConnectWise ScreenConnect

2月19日, 2024 ConnectWise disclosed two vulnerabilities in their ScreenConnect remote access software. Both vulnerabilities affect ScreenConnect 23.9.7点及更早.

3分钟 InsightVM

Explanation of New Authenticated Scanning PCI DSS Requirement 11.3.1.PCI DSS V4中2个.0 和 how InsightVM can help meet the Requirement

As a Certified Qualified Security Assessor (QSA) company 和 a trusted Rapid7 partner, MegaplanIT is committed to guiding organizations through the complexities of compliance 和 security st和ards.

7分钟事件响应

RCE到silver:来自战场的IR故事

Rapid7 事件响应 was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source of multiple malware executions.

3分钟职业发展

Paving a Path to Systems Administration: Naeem Jones’ Journey with Rapid7

Prior to becoming a Systems Administrator at Rapid7, Naeem Jones entered his career in cybersecurity through the 黑客. 多样性计划. 黑客.

2分钟紧急威胁响应

Critical Fortinet FortiOS CVE-2024-21762 Exploited

CVE-2024-21762 is a critical out-of-bounds write vulnerability in Fortinet's FortiOS operating system that is known to have been exploited in the wild. Fortinet SSL VPN vulnerabilities are frequent targets for state-sponsored 和 other motivated adversaries.

3分钟 Gartner

5 Insights from the Latest Cybersecurity Trends 研究

we’ve singled out five quick insights security professionals 和 stakeholders should consider when looking ahead. These findings are based on Top Trends in Cybersecurity for 2024, 一份来自Gartner®的新研究报告.