Photo gallery: Black Hat USA 2019, part two
Black Hat USA 2019 is underway in Las Vegas. Here are a few photos from the Business Hall and the Arsenal. Featured companies: Bugcrowd, Sumo Logic, Devo Technology, Akamai, …
Magecart compromised 17,000+ sites through unsecured Amazon S3 buckets
We often hear about misconfigured Amazon S3 buckets exposing sensitive business and customer data, but there’s another present danger: Magecart attackers have been …
Photos: Infosecurity Europe 2019 expo floor
Infosecurity Europe 2019 is taking place this week in London. Here’s a view of the expo floor, the featured vendors include: Qualys, Anomali, Wandera, Proofpoint, …
February 2019 Patch Tuesday: PrivExchange hole plugged
For the February 2019 Patch Tuesday, Microsoft has released fixes for over 70 CVE-numbered vulnerabilities, 20 of which are rated Critical. Also rated Critical are the Adobe …
Retail and finance top the list of vulnerable industries, increasingly targeted with credential threat campaigns
The finance, professional, and information sectors had the highest volume and most variety of malicious activity in Q2 2018, says Rapid7, and the manufacturing sector is …
Photo gallery: Black Hat USA 2018
Black Hat USA 2018 is underway at Las Vegas. Here are a few photos from the Business Hall and the Arsenal. Featured companies: ZeroFOX, LogRhythm, Qualys, Rapid7, Irdeto, …
Rapid7 integrates with Microsoft Azure to provide visibility, analytics, and automation for cloud security
Rapid7 announced integration between Rapid7’s Insight platform and Microsoft Azure. This integration provides vulnerability management, analytics-driven incident detection for …
Inferring Internet security posture by country through port scanning
In this podcast, Tod Beardsley, Director of Research at Rapid7, talks about the recently released National Exposure Index, which aims to better understand the nature of …
Unpatched SQLi vulnerability in SmartVista e-commerce suite
Companies using SmartVista, the popular e-commerce/payment management product suite developed by Swiss company BPC Banking Technologies, are urged to put limit access to its …
Double Robotics Telepresence Robot can be hacked
Rapid7 researchers have discovered a number of vulnerabilities in the Double Robotics Telepresence Robot, the company’s iPad-based telepresence device that looks a bit …
Too many Cisco ASA boxes still open to an EXTRABACON attack
Among the Equation Group exploits leaked by the Shadow Brokers, the one named EXTRABACON that targets Cisco ASA devices got the most attention from security researchers and …
How a security researcher is tackling IoT security testing
“A common misconception people in the industry have regarding my work as a security researcher is that I am sharing information that puts businesses at risk. And also, …