1 min
Threat Intel
The Japanese Technology and Media Attack Landscape
Recently, we released a major report analyzing the threat landscape of Japan,
the globe’s third largest economy. In that report we looked at the ways in which
threat actors infiltrate Japanese companies (spoiler alert: it is often through
foreign subsidiaries and affiliates) and some of the most pervasive threats
those companies face such as ransomware and state-sponsored threat actors.
We also took a look at some of the hardest hit industries and it should come as
no surprise that some of the
1 min
Financial Services
The Japanese Financial Services Attack Landscape
We looked at the ways in which threat actors infiltrate Japanese companies (spoiler alert: it is often through foreign subsidiaries and affiliates) and some of the most pervasive threats those companies face such as ransomware and state-sponsored threat actors.
8 min
Research
Old Blackmoon Trojan, NEW Monetization Approach
Rapid7 is tracking a new, more sophisticated and staged campaign using the Blackmoon trojan, which appears to have originated in November 2022.
3 min
Research
3 Key Challenges to Clarity in Threat Intelligence: 2023 Forrester Consulting Total Economic Impact™ Study
The 2023 Forrester Consulting Total Economic Impact™ Study of Threat Command looks at, among other things, the difficulties of obtaining clear threat intel.
2 min
Research
Anarchy in the UK? Not Quite: A look at the cyber health of the FTSE 350
In this report, Rapid7 looked first at the overall attack surface of the FTSE 350 companies, broken down by industry.
3 min
Emergent Threat Response
Rapid7-Observed Exploitation of Adobe ColdFusion
Rapid7’s Threat Intelligence and Detection Engineering team has identified active exploitation of Adobe ColdFusion in multiple customer environments.
4 min
Emergent Threat Response
Active Exploitation of ZK Framework CVE-2022-36537
Rapid7 is aware of active exploitation of CVE-2022-36537 in vulnerable versions of ConnectWise R1Soft Server Backup Manager software.
2 min
Research
A Shifting Attack Landscape: Rapid7’s 2022 Vulnerability Intelligence Report
We’re excited to release Rapid7’s 2022 Vulnerability Intelligence Report—a deep dive into 50 of the most notable vulnerabilities our research team investigated throughout the year.
2 min
Cloud Security
CIEM is Required for Cloud Security and IAM Providers to Compete: Gartner® Report
Cloud Security and IAM providers should consider prioritizing specific CIEM capabilities according to a new Gartner report.
2 min
Research
A Deep Dive into Reversing CODESYS
This white paper offers a technical deep dive into PLC protocols and how to safely scan CODESYS-based ICS networking stacks.
2 min
Rapid7 Culture
Rapid7 and USF: Building a diverse cybersecurity workforce is not optional
Rapid7 and the University of South Florida (USF) have announced a joint research lab aimed at increasing diversity in the cybersecurity workforce.
2 min
Research
Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974
Rapid7 research has found that nearly 19,000 ESXi servers likely remain vulnerable to CVE-2021-21974, which is being exploited in the ESXiArgs campaign.
5 min
Research
Evasion Techniques Uncovered: An Analysis of APT Methods
DLL search order hijacking and DLL sideloading are commonly used by nation state sponsored attackers to evade detection.
3 min
Emergent Threat Response
Exploitation of GoAnywhere MFT zero-day vulnerability
A warning has been issued about an actively exploited zero-day vulnerability affecting on-premise instances of Fortra’s GoAnywhere MFT.
10 min
Research
Rapid7 Observes Use of Microsoft OneNote to Spread Redline Infostealer and Qakbot Malware
Recently, Rapid7 observed malicious actors using OneNote files to deliver malicious code. This post details our findings.