This report investigates the trends, pioneered by the Maze ransomware group, of double extortion. In particular, we examine the contents of initial data disclosures intended to coerce victims to pay ransoms. (more available)

A review of 180 engagements performed by Rapid7 consulting, supplemented by a survey of questions given to all Rapid7 consulting customers. (more available)

A review of lessons learned over the past year from Rapid7’s penetration testing services. Combined with survey day on social engineering and red team simulations of 206 engagements. (more available)

Using information from Rapid7’s Project Sonar internet telemetry service, this report reviews several dimensions of demonstrated security controls for companies in the S&P 200 and ASX (Australian) stock indices. (more available)

This issue of the Rapid7 Quarterly Threat Report takes a deep dive into the threat landscape for 2018 Q4 and looks more broadly at 2018 as a whole. (more available)

From the report, “To understand current levels of exposure and resiliency, Rapid7 Labs measured 4532 of the 2017 Fortune 500 List3 for: • Overall attack surface (the number of exposed servers/devices); • Presence of dangerous or insecure services; • Phishing defense posture; • Evidence of system compromise; • Weak public service and metadata configurations; and • Joint third-party website dependency risks. (more available)

In 2016, Rapid7 Labs launched the National Exposure Index in order to get a measurable, quantitative answer to a fairly fundamental question: What is the nature of internet exposure—services that either do not offer modern cryptographic protection, or are otherwise unsuitable to offer on the increasingly hostile internet—and where, physically, are these exposed services located? (more available)

From the report, “This quarter’s report covers three main areas of concern for the modern IT defender: • First, credential theft, reuse, and subsequent suspicious logins are—today— the most commonly reported significant incident we’re seeing across both small (<1,000 endpoints) and large organizations (≥1,000 endpoints). (more available)

It’s harvest time (at least here in the United States), and as we prepare to reap the bounties of the land, so too have we seen attackers make good use of the exploits they’ve sown and infrastructure they’ve co-opted. (more available)

This Quarterly report continues Rapid7’s excellent work of providing insight to the threats they have witnessed during the 2nd Quarter of 2018. (more available)

The term “exposure” can mean many things. In the context of this report, they define “exposure” as offering services that either expose potentially sensitive data over cleartext channels or are widely recognized to be unwise to make available on the internet, such as database systems. (more available)

From The Report, “This year, we continue this investigation into the risk of passive eavesdropping and active attack on the internet, and offer insight into the year-over-year changes involving these exposed services. (more available)

This report provides a walkthrough of creating an Incident Response Plan.

This is a helpful little report that simplifies the best practices for Cybersecurity.

This report offers insight from the research and results of Rapid7’s repeated penetration testing.

This is Rapid7’s Quarterly Threat Report. In this report they wrap up the cyber events from the year 2017 and lay out some thoughts on what is ahead in 2018. (more available)

This is Rapid7’s Quarterly Threat Report. In this report they sought to make a less chaotic picture of the events of the 3rd quarter of 2017. (more available)

This is Rapid7’s Quarterly Threat Report, in this report they sought to include composite and industry-level views of events across many industries. (more available)

This is Rapid7’s Quarterly Threat Report. In this report they have created additional views by day, hour, and event type by industry to give you a glimpse into both the workload variety and volume facing these unsung heroes of cybersecurity. (more available)

This report breaks down four strategic pillars of handling vulnerability management.