3 min
Artificial Intelligence
We Asked ChatGPT for 2024 Cybersecurity Predictions but You Should Make These Resolutions Instead
Here at Rapid7 we’ve seen a whole lot of threats and exploited vulnerabilities in 2023, many in the form of zero days. So it can be a little overwhelming to think about what could be in store for us in the year ahead.
5 min
Risk Management
Peeking into the crystal ball: What 2023 cyber threats told us about 2024
Even though we’re surely in for more than a few surprises in the coming year, there are ways we can be better prepared. So sit back and relax as we venture through some insights we’ve gained in 2023 and offer ways you can put them into practice in the coming year.
3 min
IoT
Is That Smart Home Technology Secure? Here’s How You Can Find Out.
I can’t tell you which solution will work for your specific case, but I can give you some pointers around technology security.
5 min
Research
The Risks of Exposing DICOM Data to the Internet
DICOM has revolutionized the medical imaging industry. However, it also presents potential vulnerabilities when exposed to the open internet.
8 min
Research
Little Crumbs Can Lead To Giants
This blog offers a deep dive into the world of Shell Link files (LNK) and Virtual Hard Disk files (VHD).
11 min
Detection and Response
Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers
Rapid7 has observed the Fake Browser Update lure utilizing a sophisticated new loader to execute infostealers.
2 min
Research
Poorly Purged Medical Devices Present Security Concerns After Sale on Secondary Market
In Security Implications from Improper De-acquisition of Medical Infusion Pumps Rapid7 performs a physical and technical teardown of more than a dozen medical infusion pumps.
1 min
Threat Intel
The Japanese Technology and Media Attack Landscape
Recently, we released a major report analyzing the threat landscape of Japan,
the globe’s third largest economy. In that report we looked at the ways in which
threat actors infiltrate Japanese companies (spoiler alert: it is often through
foreign subsidiaries and affiliates) and some of the most pervasive threats
those companies face such as ransomware and state-sponsored threat actors.
We also took a look at some of the hardest hit industries and it should come as
no surprise that some of the
1 min
Financial Services
The Japanese Financial Services Attack Landscape
We looked at the ways in which threat actors infiltrate Japanese companies (spoiler alert: it is often through foreign subsidiaries and affiliates) and some of the most pervasive threats those companies face such as ransomware and state-sponsored threat actors.
8 min
Research
Old Blackmoon Trojan, NEW Monetization Approach
Rapid7 is tracking a new, more sophisticated and staged campaign using the Blackmoon trojan, which appears to have originated in November 2022.
3 min
Research
3 Key Challenges to Clarity in Threat Intelligence: 2023 Forrester Consulting Total Economic Impact™ Study
The 2023 Forrester Consulting Total Economic Impact™ Study of Threat Command looks at, among other things, the difficulties of obtaining clear threat intel.
2 min
Research
Anarchy in the UK? Not Quite: A look at the cyber health of the FTSE 350
In this report, Rapid7 looked first at the overall attack surface of the FTSE 350 companies, broken down by industry.
2 min
Research
A Shifting Attack Landscape: Rapid7’s 2022 Vulnerability Intelligence Report
We’re excited to release Rapid7’s 2022 Vulnerability Intelligence Report—a deep dive into 50 of the most notable vulnerabilities our research team investigated throughout the year.
2 min
Cloud Security
CIEM is Required for Cloud Security and IAM Providers to Compete: Gartner® Report
Cloud Security and IAM providers should consider prioritizing specific CIEM capabilities according to a new Gartner report.
2 min
Research
A Deep Dive into Reversing CODESYS
This white paper offers a technical deep dive into PLC protocols and how to safely scan CODESYS-based ICS networking stacks.