Attackers are exploiting Cisco ASA/FTD flaw in search for sensitive data
An unauthenticated file read vulnerability (CVE-2020-3452) affecting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software is being exploited by …
Internet security is improving, but exposures still run rampant
Rapid7’s research found that the security of the internet overall is improving. The number of insecure services such as SMB, Telnet, rsync, and the core email protocols, …
How do I select a SIEM solution for my business?
A Security Information and Event Management (SIEM) solution collects and analyzes activity from numerous resources across your IT infrastructure. A SIEM can provide …
Rapid7 to acquire DivvyCloud to help enterprises accelerate innovation
Rapid7, a leading provider of security analytics and automation, announced that it has entered into a definitive agreement to acquire DivvyCloud, a leader in Cloud Security …
Actively exploited MS Exchange flaw present on 80% of exposed servers
Attackers looking to exploit CVE-2020-0688, a critical Microsoft Exchange flaw patched by Microsoft in February 2020, don’t have to look hard to find a server they can …
Photo gallery: Black Hat USA 2019, part two
Black Hat USA 2019 is underway in Las Vegas. Here are a few photos from the Business Hall and the Arsenal. Featured companies: Bugcrowd, Sumo Logic, Devo Technology, Akamai, …
Magecart compromised 17,000+ sites through unsecured Amazon S3 buckets
We often hear about misconfigured Amazon S3 buckets exposing sensitive business and customer data, but there’s another present danger: Magecart attackers have been …
Photos: Infosecurity Europe 2019 expo floor
Infosecurity Europe 2019 is taking place this week in London. Here’s a view of the expo floor, the featured vendors include: Qualys, Anomali, Wandera, Proofpoint, …
February 2019 Patch Tuesday: PrivExchange hole plugged
For the February 2019 Patch Tuesday, Microsoft has released fixes for over 70 CVE-numbered vulnerabilities, 20 of which are rated Critical. Also rated Critical are the Adobe …
Retail and finance top the list of vulnerable industries, increasingly targeted with credential threat campaigns
The finance, professional, and information sectors had the highest volume and most variety of malicious activity in Q2 2018, says Rapid7, and the manufacturing sector is …
Photo gallery: Black Hat USA 2018
Black Hat USA 2018 is underway at Las Vegas. Here are a few photos from the Business Hall and the Arsenal. Featured companies: ZeroFOX, LogRhythm, Qualys, Rapid7, Irdeto, …
Rapid7 integrates with Microsoft Azure to provide visibility, analytics, and automation for cloud security
Rapid7 announced integration between Rapid7’s Insight platform and Microsoft Azure. This integration provides vulnerability management, analytics-driven incident detection for …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility