The past, present and future of Metasploit
Metasploit is the most used penetration testing framework. In this Help Net Security video, Spencer McIntyre, Lead Security Researcher at Rapid7, talks about how Metasploit …
Infosecurity Europe 2022 video walkthrough
Infosecurity Europe 2022 opened its doors today at the ExCeL in London, here’s a look inside the event. The featured vendors are: Akamai Technologies, AlgoSec, Appgate, …
Which stolen data are ransomware gangs most likely to disclose?
If your organization gets hit by a ransomware gang that has also managed to steal company data before hitting the “encrypt” button, which types of data are more …
Metasploit 6.2.0 comes with 138 new modules, 148 enhancements and features
Metasploit is the world’s most used penetration testing framework. It helps security teams verify vulnerabilities, manage security assessments, and improve security awareness. …
Photos: RSA Conference 2022, part 3
RSA Conference 2022 took place at the Moscone Center in San Francisco. Check out our microsite for the conference for all the most important news. Part 1 of the photos is …
Critical flaw in Zyxel firewalls grants access to corporate networks (CVE-2022-30525)
A critical vulnerability (CVE-2022-30525) affecting several models of Zyxel firewalls has been publicly revealed, along with a Metasploit module that exploits it. Discovered …
Vulnerabilities and cyberattacks that marked the year 2021
Rapid7 announced the release of a report examining the 50 most notable security vulnerabilities and high-impact cyberattacks in 2021. On any given day, security professionals …
Infosec products of the month: March 2022
Here’s a look at the most interesting products from the past month, featuring releases from: Actiphy, Anomali, AvePoint, Ciphertex Data Security, Contrast Security, Critical …
New infosec products of the week: April 1, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Critical Start, MetricStream, Nebulon, Rapid7, SEON, and Veriff. Rapid7 introduces …
Spring4Shell: No need to panic, but mitigations are advised
Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively …
Rapid7 introduces cloud workload protection in InsightCloudSec
Rapid7 announced new cloud workload protection capabilities for InsightCloudSec, the company’s fully-integrated cloud-native security platform (CNSP). These enhancements, …
It’s time to patch your SonicWall SMA 100 series appliances again!
SonicWall has fixed a handful of vulnerabilities affecting its SMA 100 series appliances and is urging organizations to implement the patches as soon as possible. Although …