Rapid7

Take command of your attack surface, no matter what it looks like. Rapid7 can help with that. 🛡️ Want to level up your SecOps? Look no further: https://r-7.co/4ducgBN

Rapid7 has observed an ongoing malware campaign involving a new version of #LodaRAT, possessing the ability to steal cookies and passwords from Microsoft Edge and Brave. Uncover the latest in a new blog ➡️ https://r-7.co/3Z4TtsC

🆕 The Sarcoma ransomware group emerged in October 2024, and is already gaining attention. Public postings of multiple victims on its leak site placed Sarcoma in the top 10 most active actors for the month. Sarcoma employs a double-extortion strategy, combining #ransomware encryption with data exfiltration to pressure organizations into paying ransoms. To date, #Sarcoma has impacted nearly 40 organizations globally, with a concentration in the US, Canada, Europe, and Australia. Multiple industries have been targeted including manufacturing and various service sectors. Get our 4 essential takeaways from the 2024 Gartner report, “How to Prepare for Ransomware Attacks." ➡️ https://r-7.co/4erQWNB

Rapid7 now has a full root cause analysis of #Fortinet #FortiManager CVE-2024-47575 (aka "FortiJump") in AttackerKB, with details on firmware decryption, protocol analysis, and unauthenticated #RCE 🐚 Huge props to our kinda-sorta-pretty-awesome principal researcher Stephen Fewer for the pioneering work on this one! https://lnkd.in/gkBx5KuA

Microsoft is addressing 90 vulnerabilities for #PatchTuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for 4 of the vulns. Get more detail in a new blog ➡️ https://r-7.co/3ACjbLK

You can't protect what you can't see. 🛡️ Rapid7 Surface Command captures your actual number of assets using a mixture of external scanning and importing data feeds from 100+ commonly used IT and security tools. See how Surface Command identifies coverage gaps in your security posture: https://r-7.co/3O47Irf

This is what we do at Rapid7. Exposure Management, Attack Surface Management, Intelligence and Detection & Response - integrated.

Using AI to defeat AI may seem like a natural progression in the ongoing battle between attackers and defenders. 🥊 In a new piece for HackerNoon, Rapid7's Senior Director of Threat Analytics, Christiaan Beek, shares why the reality is that this approach is unattractive for most cybercriminals. ⤵️

When asked how Rapid7’s Director of Software Engineering has built a successful career, Cathal O'Neill had 3 key ingredients to share: 🔑 Feedback 🔑 Connections 🔑 Continuous Learning In a new blog, Cathal delves into each principal for taking command of your career in tech 👉 https://r-7.co/40B28Eg

🔎 Exploitation of CVE-2024-38094, a recently disclosed RCE vulnerability in Microsoft #SharePoint, has been observed in the wild – allowing attackers initial access to corporate networks. BleepingComputer cites Rapid7's technical analysis & timeline in a brand new piece: https://r-7.co/3YClPZK