Collaborate Disseminate
The finance, professional, and information sectors had the highest volume and most variety of malicious activity in Q2 2018, says Rapid7, and the manufacturing sector is steadily getting more and more targeted. According to the statistics from the comp… Continue reading Retail and finance top the list of vulnerable industries, increasingly targeted with credential threat campaigns
Black Hat USA 2018 is underway at Las Vegas. Here are a few photos from the Business Hall and the Arsenal. Featured companies: ZeroFOX, LogRhythm, Qualys, Rapid7, Irdeto, Whitesource, Bitdefender, Splunk.
The post Photo gallery: Black Hat USA 2018 appe… Continue reading Photo gallery: Black Hat USA 2018
Rapid7 announced integration between Rapid7’s Insight platform and Microsoft Azure. This integration provides vulnerability management, analytics-driven incident detection for hybrid environments, and agent deployment within the Azure infrastructure. R… Continue reading Rapid7 integrates with Microsoft Azure to provide visibility, analytics, and automation for cloud security
Dan Kuykendall is the Senior Director of Application Security Products at Rapid7 where he directs the strategic vision, research and product development for the company’s application security solutions. Full Show NotesFollow us on Twitter: https://www…. Continue reading Dan Kuykendall, Rapid7 – Application Security Weekly #21
In this podcast, Tod Beardsley, Director of Research at Rapid7, talks about the recently released National Exposure Index, which aims to better understand the nature of Internet exposure – services that either do not offer modern cryptographic pr… Continue reading Inferring Internet security posture by country through port scanning
Patrick is a pentester for Rapid7, has done SIRT work for Akamai and was a web application developer at Brown University. He joins Paul and the crew this week for an interview! Full Show Notes Subscribe to YouTube Channel
The post Patrick Laverty, Rapi… Continue reading Patrick Laverty, Rapid7 – Paul’s Security Weekly #551
In the news, CyberArk buy Vaultive to enrich cloud security solutions, Tenable expands its research team, Rapid7 announces pricing of public offering, and more on this episode of Enterprise Security Weekly! Enterprise News Data breach victims can sue Y… Continue reading Rapid7, CyberArk, & Tenable – Enterprise Security Weekly #83
Rebekah Brown has spent more than a decade working in intelligence and information security. Today, Rebekah leads the threat intelligence programs at Rapid7, where her responsibilities include programs, architecture, management, analysis, and operation… Continue reading Rebekah Brown, Rapid7 – Paul’s Security Weekly #544
Tens of thousands of long-range WiFi routers used to provide home wireless broadband, especially in remote or rural areas, are riddled with vulnerabilities that could let a hacker take over IT networks, security researchers said Tuesday. The vulnerabilities, some of which can be exploited remotely if the router’s management interface is directly connected to the internet, were discovered in Cambium Networks’ ePMP and cnPilot product lines by independent researcher Karn Ganeshen earlier this year. Although Cambium has made patches available, as many as 36,000 of the devices appear visible on the internet. Ganeshan approached cybersecurity firm Rapid7 to coordinate disclosure with Cambium in September, Rapid7 Director of Research Tod Beardsley told CyberScoop. “He had a great big pile of vulnerabilities,” Beardsley said. “A lot of them were variations on a theme. We triaged them out … and when we figured out what we had, there were really 11 of them, […]
The post How a bad wi-fi router flaw led to a perfect example of responsible disclosure appeared first on Cyberscoop.
Continue reading How a bad wi-fi router flaw led to a perfect example of responsible disclosure
A Web site set up by PC maker Dell Inc. to help customers recover from malicious software and other computer maladies may have been hijacked for a few weeks this summer by people who specialize in deploying said malware, KrebsOnSecurity has learned.
There is a program installed on virtually all Dell computers called “Dell Backup and Recovery Application.” It’s designed to help customers restore their data and computers to their pristine, factory default state should a problem occur with the device. That backup and recovery program periodically checks a rather catchy domain name — DellBackupandRecoveryCloudStorage.com — which until recently was central to PC maker Dell’s customer data backup, recovery and cloud storage solutions.
Sometime this summer, DellBackupandRecoveryCloudStorage.com was suddenly snatched away from a longtime Dell contractor for a month and exposed to some questionable content. More worryingly, there are signs the domain may have been pushing malware before Dell’s contractor regained control over it. Continue reading Dell Lost Control of Key Customer Support Domain for a Month in 2017