Posts tagged Managed Detection and Response (MDR)

18 min Incident Response

Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware

Beginning in early October, Rapid7 has observed a resurgence of activity related to the ongoing social engineering campaign being conducted by Black Basta ransomware operators.

4 min InsightIDR

New IDR Log Search Enhancements: Accelerate, Streamline, and Simplify Investigations

Rapid7’s InsightIDR, the foundation of our Managed Detection and Response (MDR) service, empowers security teams with advanced analytics, automation, and expert-led investigations.

7 min Incident Response

Investigating a SharePoint Compromise: IR Tales from the Field

Our investigation uncovered an attacker who accessed a server without authorization and moved laterally across the network, compromising the entire domain.

2 min Managed Detection and Response (MDR)

Expanding the Security Horizon: Introducing Rapid7 MDR for the Extended Ecosystem

Our Rapid7 MXDR service has always been built on InsightIDR, our native SIEM and XDR technology, operationalizing telemetry across the customer environment —endpoint, cloud, identity, and network.

4 min InsightCloudSec

What’s New in Rapid7 Products & Services: Q2 2024 in Review

In Q2, we focused on enhancing visualization, prioritization, and integration capabilities across our key products and services.

10 min Managed Detection and Response (MDR)

Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler McGraw, Sarah Lee, and Thomas Elkins. Executive Summary On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Our investigation identified that the suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes on a Windows desktop. Installers for Notezilla, along with tools called RecentX and

10 min Managed Detection and Response (MDR)

Malvertising Campaign Leads to Execution of Oyster Backdoor

Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.

4 min Security Operations (SOC)

Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps and Augment MDR Services

At Rapid7, we are pioneering the infusion of artificial intelligence (AI) into our platform and service offerings, transforming the way security operations centers (SOCs) around the globe operate.

10 min Managed Detection and Response (MDR)

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

Justice AV Solutions (JAVS) is a U.S.-based company specializing in digital audio-visual recording solutions for courtroom environments. Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk and should take immediate action.

3 min Managed Detection and Response (MDR)

5 key MDR differentiators to look for to build stronger security resilience

Organizations looking to address the skills gap and bring greater efficiency as their business grows and their attack surface sprawls are turning to MDR providers at an accelerated pace. We’ve seen predictions from top analyst firms signaling the rapid rate of adoption of an MDR provider by 2025.

15 min Managed Detection and Response (MDR)

Ongoing Malvertising Campaign Leads to Ransomware

Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to typo squatted domains.

8 min Incident Response

Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators

Rapid7 observes ongoing social engineering campaign consistent with Black Basta

7 min Research

Stories from the SOC Part 2: MSIX Installer Utilizes Telegram Bot to Execute IDAT Loader

In part one of our blog series, we discussed how a Rust based application was used to download and execute the IDAT Loader. In part two of this series, we will be providing analysis of how an MSIX installer led to the download and execution of the IDAT Loader.

5 min Managed Detection and Response (MDR)

What’s New in Rapid7 Products & Services: Q1 2024 in Review

We kicked off 2024 with a continued focus on bringing security professionals the tools and functionality needed to anticipate risks, pinpoint threats, and respond faster with confidence.

10 min Malware

Stories from the SOC Part 1: IDAT Loader to BruteRatel

Rapid7’s Managed Detection and Response (MDR) team continuously monitors our customers' environments, identifying emerging threats and developing new detections.