Posts by Rapid7

2 min Emergent Threat Response

CVE-2024-40766: Critical Improper Access Control Vulnerability Affecting SonicWall Devices

CVE-2024-40766 is a critical improper access control vulnerability affecting SonicOS, the operating system that runs on the company’s physical and virtual firewalls. As of September 9, 2024, Rapid7 is aware of several recent incidents in which SonicWall SSLVPN accounts were targeted or compromised.

3 min Emergent Threat Response

Multiple Vulnerabilities in Veeam Backup & Replication

On September 4, 2024, Veeam released their September security bulletin disclosing various vulnerabilities, including CVE-2024-40711, a critical unauthenticated remote code execution issue affecting Veeam’s popular Backup & Replication solution.

3 min Gartner

Our 4 Essential Strategy Takeaways from the Gartner® 2024 Report – How to Prepare for Ransomware Attacks

The 2024 Gartner report, “How to Prepare for Ransomware Attacks”, provides critical insights into the latest tactics used by bad actors and offers practical solutions on how to fortify defenses.

3 min Gartner

5 Key Insights from the Gartner® Market Guide for Cloud-Native Application Protection Platforms (CNAPP)

The 2024 Gartner Market Guide for Cloud-Native Application Protection Platforms (CNAPP) provides invaluable insights into the latest trends and technologies that are reshaping how companies protect their digital assets.

4 min Career Development

Brandon Adkins’ Career Journey - Taking Chances and Tackling New Challenges

Brandon Adkins is the manager of our Threat Intelligence & Detection Engineering (TIDE) team. His career journey spans a variety of roles and teams where he has been able to showcase his technical skills in security.

5 min Exposure Command

Rapid7 Introduces Exposure Command to Eliminate the Security Visibility Gap

Exposure Command provides 360-degree visibility and enables security teams to pinpoint and extinguish your most critical risks.

2 min Career Development

Celebrating Excellence: Rapid7 Recognized in Newsweek's Greatest Workplaces in America 2024

In a testament to its commitment to fostering an exceptional workplace environment, Rapid7 is proud to be included in Newsweek's Greatest Workplaces in America for 2024.

2 min Reports

New Research: The Proliferation of Cellular in IoT

Analysis of Cellular Based Internet of Things (IoT) Technology is a new whitepaper co-authored by Rapid7 principal security researcher Deral Heiland and Thermo Fisher Scientific lead product security researcher Carlota Bindner.

4 min Emergent Threat Response

VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns

On July 29, Microsoft published threat intelligence on observed exploitation of CVE-2024-37085, an authentication bypass vulnerability in Broadcom VMware ESXi hypervisors that has been used in multiple ransomware campaigns.

4 min

From Top Dogs to Unified Pack

Each day often presents a new set of challenges and responsibilities, particularly as organizations accelerate digital transformation efforts. This means you and your cyber team may find yourselves navigating a complex landscape of multi-cloud environments and evolving compliance requirements.

1 min Rapid7 Culture

Boston Business Journal Names Rapid7 as a Best Place to Work in Boston

On June 13, 2024, Rapid7 was recognized by The Boston Business Journal as a Best Place to Work in Boston. This marks the 13th consecutive year Rapid7 has made the list, this time coming in at #8 in the extra large company category.

2 min Government

Rapid7 completes IRAP PROTECTED assessment for Insight Platform solutions

Rapid7 has successfully completed an Information Security Registered Assessors Program (IRAP) assessment to PROTECTED Level for several of our Insight Platform solutions.

10 min Managed Detection and Response (MDR)

Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler McGraw, Sarah Lee, and Thomas Elkins. Executive Summary On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Our investigation found that the suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes on a Windows desktop. Installers for Notezilla, along with tools called RecentX and

4 min

From Top Dogs to Unified Pack

Cybersecurity is as unpredictable as it is rewarding. This means you and your cyber team may find yourselves navigating a complex landscape of multi-cloud environments and evolving compliance requirements.

10 min Managed Detection and Response (MDR)

Malvertising Campaign Leads to Execution of Oyster Backdoor

Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.