News junkie, bibliophile and unabashed social observer. Comms @rapid7; formerly @Twitter, @zumper and @Audi. Obsessed with sourdough (like everyone else).
@NYCTSubway Ach, ok. The alternative 9 flights of stairs twice a day is pretty brutal, so anything that could be done to hasten the opening (or provide an ETA) would be much appreciated!
@NYCTSubway can you provide an update on when we can expect access to the Overlook Terrace passage at the A train 181st stop? I believe the work was to be completed in August (and we haven't seen any work being done for many weeks), yet the passage is still closed? TY!
We recently released our 2022 Vulnerability Intelligence Report. One finding: Zero-day exploitation was a significant challenge for security teams, with 43% of widespread threats arising from a zero-day exploit. Learn about this & the stats shown here: https://t.co/waMinFoQmj
Thanks everyone!
I'm excited to be reporting to the CEO at Rapid7 as an Executive in Residence!
For clarification this is not full time and it is not exclusive. This does not change existing relations I have with other orgs.
It's been a stellar year for @metasploit which includes modules that support Active Directory Certificate Services attack techniques. For this and more @zeroSteiner provides a wrap-up: https://t.co/mRCNdf0QN6 #cybersecurity #infosec
According to a new report by Rapid7 researchers, these are among the most commonly used passwords - and usernames (Yes, "password" IS one of them). Are yours on the list?
More about the research in our quick blog post: https://t.co/ujNNHohy5k
"Over the next 4 years, 85% of organizations will be #cloud-first." - Live @AWSreInvent, Rapid7 expert James Green discusses this topic and more during a lightning session on strengthening threat detection & response
(Similar topic in today's blog: https://t.co/TCgJRUlTx2)
For Apache Commons vulnerability CVE-2022-42899, "Patch but Don't Panic" is the consensus. Rapid7 Principal Researcher @ErickGalinkin discusses what it would take to see widespread exploitation in a new piece by @DarkReading.
Read more: https://t.co/bPM17w91St
CVE-2022-42889, which some have begun calling "Text4Shell," is a vulnerability in the popular Apache Commons Text library that can result in code execution when processing malicious input.
Read more & find mitigation guidance:
https://t.co/Tt3LzdqfLR
Microsoft has confirmed 2 new zero-day vulnerabilities, CVE-2022-41040 & CVE-2022-41082, are being exploited in "limited, targeted attacks." Find the latest mitigation guidance in our blog - which we will continue to update as more info becomes available. https://t.co/iBlJYvboxT
In a new episode of our Security Nation #podcast, Rapid7 hosts @Infosecjen and @todb chat with Taki Uchiyama about his work on Panasonic's Product Security Incident Response Team.
Tune in here: https://t.co/3xoGUq4otn
We are thrilled to announce that today, the @NHLBruins named Rapid7 as their first-ever jersey patch partner and the official cybersecurity partner of the Bruins and @tdgarden - beginning with the 2022-23 season.
Read the release here: https://t.co/DbY9kNCdD1
For every Patch Tuesday, there's an Overtime Wednesday. Join Rapid7 Principal Security Researcher @CurtBarnard on a (literal) walk through some of yesterday's patches, and learn more in a new blog: https://t.co/YfJXtxV1MH