Just Scratching the (Attack) Surface
Welcome back to the Rapid7 Rundown! Find all the latest cybersecurity updates to accelerate your success in the SOC.
The 2024 Attack Intelligence Report
For the last 4 years, Rapid7 has analyzed attacker and vulnerability data to give security teams insight into the tactics, trends, and motives adversaries are deploying against them.
This year, Rapid7 upped the ante with a 14-month look at attacker behaviors pulling data from our research, managed detection and response, and threat intelligence teams to give you the clearest picture of what practitioners face daily.
- Download the report
- Dive into key insights and takeaways, directly from the researchers behind the report, from the Take Command Summit. Watch on-demand now.
Quick Hits from Rapid7
The addition of Noetic Cyber 's CAASM solution to Rapid7’s existing cybersecurity solutions will provide more comprehensive visibility of a customer’s environment, including visibility into both internal and external assets, on-premise and in the cloud.
Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps and Augment MDR Services
We’ve extended the Rapid7 AI Engine to include new Generative AI capabilities used by our internal SOC teams, transforming how we deliver our MDR services.
Recommended by LinkedIn
Rapid7’s AI Engine powers the company’s AI-native SOC assistant so MDR analysts can quickly respond to security threats and proactively mitigate risks on behalf of customers. Learn more about Rapid7's MDR service, part of Managed Threat Complete.
Rapid7 is collaborating with Comcast Business to support the recently announced Comcast Business Managed Detection and Response (MDR) solution. Leveraging Rapid7's security analytics platform and expertise, enterprise customers can better manage an ever-evolving and challenging threat landscape.
Now available within Rapid7 Managed Threat Complete, our patented ransomware prevention technology delivers end-to-end coverage to anticipate advanced attacks and accelerate detection and response time. Built into the Rapid7 Insight Agent, ransomware prevention easily plugs into customers' existing security ecosystems. Learn more about Rapid7's ransomware prevention solution.
What's popping up on the security landscape?
Rapid7's Emergent Threat Response (ETR) team covers CVEs in real time for the cybersecurity community, and Rapid7 customers can take immediate action with applicable documentation.
🚨 Here are some recent CVEs to take note of:
- CVE-2024-5806; CVE-2024-5805: Authentication Bypasses in MOVEit Transfer and MOVEit Gateway. Learn more
- CVE-2024-3094: Backdoored XZ Utils. Learn more
- CVE-2024-3400: Critical Command Injection Vulnerability in Palo Alto Networks Firewalls. Learn more
- CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack. Learn more
- CVE-2024-24919: Check Point Security Gateway Information Disclosure. Learn more
- CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U. Learn more
🚨 Other threat activity observed by Rapid7:
- Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz. Learn more
- Malvertising Campaign Leads to Execution of Oyster Backdoor. Learn more
- Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators. Learn more
- Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise. Learn more
More News
🏆 Rapid7's InsightIDR was recognized as Best SIEM Solution by SC Media UK at the 2024 SC Awards Europe! Craig Adams , Chief Product Officer, spoke on the significance of the recognition for InsightIDR. Check it out above ⤴️
This is the second time InsightIDR has won, having also received the honor in 2022. Learn more about InsightIDR.
"Someone's always trying to hack into something, but with Rapid7, no one's breaking in." Tom Landsness , Vice President of Infrastructure & Service Management, Junior Achievement USA
When Junior Achievement USA needed a cyber solution to better monitor their data and infrastructure, Rapid7 checked all their boxes: saving time for their small team and creating efficiencies while remaining cost-effective for the nonprofit organization. Read the Case Study
Are you heading to Black Hat?
On August 7–8, visit our experts at Black Hat Booth #2436 for a personalized demo, an in-depth speaker session, or to grab some Rapid7 swag! You can also find us at DEF CON afterward.
Click here for more information, or to pre-book a meeting with one of our experts.
See you next time!
Don't forget to subscribe to the Rapid7 Rundown! You can also keep up with the latest at Rapid7 here on LinkedIn, and Twitter/X.