Ransomwares evolving: Cybercriminals collaborating and auctioning data
Ransomware are soon becoming the most feared disease of cyber-world, started from simple encryption of the victim's computer and files,...
Git-Scanner – A Tool For Bug Hunting Or Pentesting For Targeting Websites That Have Open .git Repositories Available In Public
This tool can scan websites with open .git repositories for Bug Hunting/ Pentesting Purposes and can dump the content of...
Barcode Reader Apps on Google Play Found Using New Ad Fraud Technique
By Jessie Huang (Mobile Threats Analyst) We recently saw two barcode reader apps in Google Play, together downloaded more than...
‘Enterprise-grade’ BazarBackdoor malware delivered via spear phishing emails
Researchers have uncovered a new “enterprise-grade” backdoor malware program that they say shares code with the notorious modular banking trojan...
Confessions of a Former CISO: Shaming People for Bad Security
My name is Scott King, and I am the Senior Director of Advisory Services at Rapid7. Before that, I was...
Recox – Master Script For Web Reconnaissance
The script aims to help in classifying vulnerabilities in web applications. The methodology RecoX is arising can spot weaknesses other...
Sodinokibi ransomware gang auctions off stolen data
Is it legal to buy stolen data from criminals? In most countries the answer would be no. But will it...
New LNK attack tied to Higaisa APT discovered
This post was authored by Hossein Jazi and Jérôme Segura On May 29th, we identified an attack that we believe...
Expert: the image of a “Russian hacker” has become a means of information warfare with the Russian Federation
Experts commented on the release of the report of independent public organizations "Information fight against Russia: constructing the image of...
Google Brings Up Nest for Advanced Protection Program, Will Provide Protection for High-Profile Targets like Politicians and Journalists
Due to a recent increase in device hacks, Google has decided to strengthen up its Nest security protections. The Nest...
Russia-Linked APT Group Exploited 3 Vulnerabilities in Exim Servers, NSA Warns
The russia-linked APT group have been running campaigns wherein the authors exploited a critical vulnerability (CVE-2019-10149), also called as "The...
Jshole – A JavaScript Components Vulnrability Scanner, Based On RetireJS
A JavaScript components vulnrability scanner, based on RetireJS.Why use JShole instead of RetireJS?By default, RetireJS only searches one page, but...
GitMonitor – A Github Scanning System To Look For Leaked Sensitive Information Based On Rules
GitMonitor is a Github scanning system to look for leaked sensitive information based on rules. I know that there are...
Amplifying Impact to Reduce Friction: A Guide to Security Team Efficiency
In a recent session of our Accelerate Threat Detection and Response with SIEM + SOAR webcast series, Rapid7 product leaders...
Teaching from home might become part of every teachers’ job description
“Hey Joe, I wanted to remind you that starting next Monday you will be expected to teach from home. The...
A brief history of video game saves and data modification
Games consoles and handhelds have always been an interesting battleground for hacking activities. The homebrew scene for using hardware in...
The First Ransomware Attack and the Ripples It Sent Forward In Time
What was once a simple piece of malware discovered just 20 years ago this month exhibited its capacity which transformed...
Cycldek: Bridging the (air) gap
Key findings While investigating attacks related to a group named Cycldek post 2018, we were able to uncover various pieces...
Kids on the Web in 2020
Technology is what is saving us from a complete change in the way of life in a world of a...
Eviloffice – Inject Macro And DDE Code Into Excel And Word Documents (Reverse Shell)
Win python script to inject Macro and DDE code into Excel and Word documents (reverse shell)Features:Inject malicious Macro on formats:...
Ligolo – Reverse Tunneling Made Easy For Pentesters, By Pentesters
Ligolo is a simple and lightweight tool for establishing SOCKS5 or TCP tunnels from a reverse connection in complete safety...
Custom Policy Builder Is Now in Open Preview in InsightVM
This post is part one of a two-part blog series on policy customization in InsightVM.To properly guard against security threats,...
Standing Together: A Public Statement from Rapid7 CEO Corey Thomas
It has been shocking for many people in the United States and around the world to see the stark racial...
Rapid7 Quarterly Threat Report: 2020 Q1
If calendars still hold any meaning for you, you may be dimly aware that it's now midway through the second...
