Rapid7 Labs Researchers to Speak at Black Hat USA 2025 and DEF CON 33.

Rapid7 Labs speakers will present at Black Hat USA 2025 and DEF CON 33, showcasing their research on emerging threats and vulnerabilities. Sessions will cover Metasploit's latest attack capabilities and workflow improvements, Akheron Proxy, and the weaponization of cellular-based IoT technology. The knowledge shared represents Rapid7's 25 years of security program expertise, enabling attendees to proactively address cybersecurity challenges.

Rapid7 Labs, a division of Rapid7 Inc. (NASDAQ: RPD), has announced its speaker lineup for the upcoming Black Hat USA 2025 and DEF CON 33 security conferences in Las Vegas. The company's security researchers will present four significant sessions covering various cybersecurity topics, including the latest attack capabilities of Metasploit, security testing methods via Akheron Proxy, the weaponization of cellular-based IoT technology, and a critical vulnerability in Synology NAS devices.

The sessions will feature live demonstrations and insights from Rapid7 Labs' research team, showcasing the company's 25 years of security program expertise. The presentations are scheduled between August 2-10, 2025, at various locations in Las Vegas.

The first session, "Metasploit's Latest Attack Capability and Workflow Improvements," will be presented by Spencer McIntyre and Jack Heysel on August 6 at 11:00 AM PDT in the Business Hall, Arsenal Station 6. This session will cover the latest capabilities of Metasploit, including SMB-to-LDAP and SMB-to-HTTP relaying, expanded support for Active Directory Certificate Services (AD CS) attacks, and new process injection techniques.

Another session, "Akheron Proxy — Interchip Communication Serial Proxy," will also be presented on August 6 at 11:00 AM PDT in the Business Hall, Arsenal Station 9. Deral Heiland and Matthew Kienow will discuss security testing methods via Akheron Proxy, a serial communication proxy application tool designed to connect and proxy serial communication between microprocessors on a hardware circuit board.

On August 7, Rapid7 Labs will present "Weaponization of Cellular-Based IoT Technology — Leveraging Smart Devices to Gain a Foothold." Deral Heiland and Carlota Bindner will analyze how adversaries exploit IoT devices with built-in cellular technology, including live demonstrations and discussions on mitigation techniques.

Finally, on August 8, Ryan Emmons will present "DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks" at DEF CON 33. This session will reveal a critical vulnerability in Synology NAS devices, demonstrating how unauthenticated attackers could achieve root-level remote code execution on millions of devices.

Raj Samani, chief scientist at Rapid7, expressed his enthusiasm for the event, stating, "Between Black Hat and DEF CON, we are thrilled to have four extremely talented security researchers presenting this year. But even beyond that, these two annual conferences are an important time for the Rapid7 Labs team to connect with the community, exchange actionable insights, and address shared challenges together."

Rapid7 Inc. is a leader in threat detection and exposure management, empowering security professionals to manage a modern attack surface through its best-in-class technology, leading-edge research, and broad, strategic expertise. The company's comprehensive security solutions help more than 11,000 global customers reduce attack surfaces and eliminate threats with speed and precision.

[1] https://www.stocktitan.net/news/RPD/rapid7-labs-security-researchers-to-speak-at-black-hat-usa-2025-and-3sye78sqrhuw.html