Looking back to look forward

Welcome back to the Rapid7 Rundown! As always, find all the latest cybersecurity updates to take command of your attack surface.

2024 Threat Landscape Statistics

Global experts across Rapid7 Labs and Managed Services teams compiled statistics and trends that caught their eye throughout 2024.

Spanning ransomware, initial access vectors, common malware strains, notable CVE exploitation, and more, check out these insights to start the new year on the right foot. Find the research here.

Phishing, with Ray Bourque

Bruins legend Ray Bourque recently stopped by Rapid7's Boston HQ to talk Defense with our teammates. Whether he got the "Cyber" memo is still up in the air. ??

Miss the 2025 Security Predictions Webinar?

Get a full understanding of what the new year could bring, from panelists Brian Honan , CEO of BH Consulting , with Rapid7 security and policy experts Raj Samani , Chief Scientist, and Sabeen Malik , VP of Global Government Affairs and Public Policy.

Watch the webinar on-demand

MXDR Adds Coverage for Amazon Web Services Environments

Rapid7's MXDR service now has enhanced support from Amazon Web Services (AWS). Customers get deeper cloud detection and response capabilities by combining cloud native telemetry, AWS security telemetry, and enhanced detections in the Rapid7 Command Platform to drive broader, faster threat detection and remediation, delivered by the Rapid7 SOC.

Learn more

From Siloed to Seamless: How Evri Automated Workflows with the Command Platform

Matthew Garvey , Security Operations Manager, and Richa Bhuttar , Director of Engineering & Cyber Security, detail how the UK's largest parcel delivery company has been able to transform their security operations with Rapid7. ??

Watch the video

Quick Hits from Rapid7

New Research: Enhancing Botnet Detection with AI using LLMs and Similarity Search

As botnets evolve, so do the techniques required to detect them. In first-of-its-kind research, Rapid7’s Dr. Stuart Millar PhD , in collaboration with Kumar Shashwat, Francis Hahn and Prof. Xinming Ou, at the University of South Florida , studied the use of AI large language models (LLMs) to detect botnets' use of TLS encryption by analyzing embedding similarities to weed out botnets within a sea of benign TLS certificates.

Why Cybercriminals Are Not Necessarily Embracing AI

As published in HackerNoon , Christiaan Beek details how Universal Adversarial Perturbations (UAPs) have gained attention, yet cybercriminals have not widely adopted these AI-driven techniques. Learn why using AI to defeat AI may not be as natural of a progression as it sounds.

What’s New in Rapid7 Products & Services: Q4 2024 in Review

Continued investments in the Command Platform provide customers with a holistic, actionable view of their entire attack surface—from Exposure Management to Detection and Response. Key releases and updates include a new Platform Home Navigation experience, extensibility enhancements to Exposure Command and Surface Command, and expanded MXDR support.

What's popping up on the security landscape?

Rapid7's Emergent Threat Response (ETR) team covers CVEs in real time for the cybersecurity community, and Rapid7 customers can take immediate action with applicable documentation.

?? Here are some recent CVEs and threat activity to take note of:

• CVE-2024-55591: Fortinet Firewalls Hit with New Zero-Day Attack, Older Data Leak. Learn more
• CVE-2025-0282: Ivanti Connect Secure Zero-Day Exploited in the Wild. Learn more
• Modular Java Backdoor Dropped in Cleo Exploitation Campaign. Learn more
• CVE-2024-55956: Widespread Exploitation of Cleo File Transfer Software. Learn more
• Multiple Vulnerabilities in Wowza Streaming Engine (Fixed). Learn more

See you next time!

Don't forget to subscribe to the Rapid7 Rundown! You can also keep up with the latest at Rapid7 here on LinkedIn, and on X.