Frequent verification codes may appear for non-Mainland China IP visits. If visitors are severely affected, please send [IP|ASN](|AS14618) to the bottom mailbox to add to the whitelist


yday 00:00   Webinar: 2023 Cybersecurity Industry Predictions    #rapid7 #安全文章 Rapid7 has put together a webinar featuring some of Rapid7’s leading thinkers on the subject — and an important voice from a valued customer — to discuss some of the lessons learned and give their take on what 2023 will look like.

dby 00:00   CVE-2022-4261: Rapid7 Nexpose Update Validation Issue (FIXED)    #rapid7 #安全文章 Nexpose version 6.6.172 fixes an issue with how Nexpose validates update packages, CVE-2022-4261.

dby 00:00   About Anomalous Data Transfer detection in InsightIDR    #rapid7 #安全文章 Data exfiltration is an unauthorized movement or transfer of data occurring on an organization’s network. Identifying this cyber risk is integral to securing your organization’s network.

2022-12-06 00:00   Get your head in the cloud(s)    #rapid7 #安全文章 Many organizations are in the midst of adopting the cloud faster than ever before; it’s arguably mission critical for their success and longevity.

2022-12-06 00:00   ISO 27001 Certification: What it is and why it matters    #rapid7 #安全文章 Rapid7's ISMS is ISO 27001 certified. This certification validates that our security strategy and processes meet very high standards and underscores our commitment to corporate and customer data security.

2022-12-02 23:08   Velociraptor Version 0.6.7: Better Offline Collection, Encryption, and an Improved NTFS Parser Dig Deeper Than Ever    #rapid7 #安全文章 Rapid7 is excited to announce the release of version 0.6.7 of Velociraptor – an advanced, open-source digital forensics and incident response (DFIR) tool.

2022-12-02 00:00   Metasploit Weekly Wrap-Up    #rapid7 #安全文章 ProxyNotShellThis week's Metasploit release includes an exploit module for CVE-2022-41082,AKA ProxyNotShell by DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q, Orange Tsai[], Piotr Bazydło[], Rich Warren[], Soroush Dalili [

2022-12-02 00:00   Leaked Android Platform Certificates Create Risks for Users    #rapid7 #安全文章 A new report contains 10 different platform certificates and malware sample SHA256 sums where the malware sample had been signed by a platform certificate.

2022-12-01 00:00   Powerlifting in the Cybersecurity Skills Gap    #rapid7 #安全文章 If your SOC hasn’t been running smoothly in a while, there’s likely multiple reasons why. But that doesn’t mean there’s nothing you can do about it. An MDR provider could help you weather the talent gap.

2022-12-01 00:00   Can Cloud Security Be Easier Than Complex?    #rapid7 #安全文章 Cloud security is one dish in the larger holiday meal of a company’s entire budget. Fighting for scraps of funding is hard, so it’s important to identify exactly what you need.

2022-11-30 22:08   Rapid7 Integration For AWS Verified Access    #rapid7 #安全文章 Today at re:invent, Amazon Web Services (AWS) unveiled its new AWS Verified Access service, and we are thrilled to announce that InsightIDR — Rapid7’s next-gen SIEM and XDR — will support log ingestion from this new service when it is made generally available.

2022-11-29 00:00   Unifying Threat Findings to Elevate Your Runtime Cloud Security    #rapid7 #安全文章 Widespread growth in cloud adoption in recent years has given businesses across industries the ability to transform in new ways, often forcing them to choose between slowing the pace of their innovation or taking on massive amounts of unmanaged risk.

2022-11-29 00:00   InsightIDR Launches Integration With New AWS Security Data Lake Service    #rapid7 #安全文章 One of the most exciting announcements has to be the launch of Amazon Security Lake. We see a lot of potential for this new service, which is why Rapid7 is proud to announce the immediate availability of an integration between InsightIDR and Security Lake.

2022-11-28 00:00   Reducing Risk In The Cloud with Agentless Vulnerability Management    #rapid7 #安全文章 In order to gain visibility into vulnerabilities in their public cloud environments, many organizations still rely on agent or network-based scanning technology that was initially built for traditional infrastructure and endpoints.

2022-11-25 00:00   Metasploit Weekly Wrap-Up    #rapid7 #安全文章 2 new modules targeting F5 devices, DuckyScript support, bug fixes, and more