Rapid7 completes IRAP PROTECTED assessment for Insight Platform solutions

Exciting news from Australia! Rapid7 has successfully completed an Information Security Registered Assessors Program IRAP assessment to PROTECTED Level for several of our Insight Platform solutions. What is IRAP? An IRAP assessment is an independent assessment of the implementation,...

Blueprint for Success: Implementing a CTEM Operation

The attack surface isn't what it once was and it's becoming a nightmare to protect. A constantly expanding and evolving attack surface means risk to the business has skyrocketed and current security measures are struggling to keep it protected. If you've clicked on this article, there's a good...

regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

The Qualys Threat Research Unit TRU has discovered a Remote Unauthenticated Code Execution RCE vulnerability in OpenSSH’s server sshd in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387. The vulnerability, which is a signal handler race condition in OpenSSHs server...

Combatting the Evolving SaaS Kill Chain: How to Stay Ahead of Threat Actors

The modern kill chain is eluding enterprises because they aren't protecting the infrastructure of modern business: SaaS. SaaS continues to dominate software adoption, and it accounts for the greatest share of public cloud spending. But enterprises and SMBs alike haven't revised their security...

New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites

Multiple content management system CMS platforms like WordPress, Magento, and OpenCart have been targeted by a new credit card web skimmer called Caesar Cipher Skimmer. A web skimmer refers to malware that is injected into e-commerce sites with the goal of stealing financial and payment...

Important: kernel-livepatch-6.1.75-99.163

Issue Overview: A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The nftverdictinit function allows positive values as drop error within the hook verdict, and hence the nfhookslow function can cause a double...

PT-2024-8780 · Zoho · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions below 8110 Description: The issue is related to a lack of protection of the SQL query structure in the Windows Active Directory management and reporting tool. This can allow a remote attacker to...

PT-2024-8781 · Zohocorp · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions below 8110 Description: The issue is related to a lack of protection in the SQL query structure, which can be exploited to execute custom queries and gain access to database table records. This is a...

CVE-2024-2013

An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway component that if exploited allows attackers without any access to interact with the services and the post-authentication attack surface...

CVE-2024-2013

CVE-2024-2013 describes an authentication bypass in the FOXMAN-UN/UNEM server and its APIGateway, enabling unauthenticated interaction with services and the post-authentication surface. The vulnerability is tracked in multiple feeds (NVD, Red Hat, CVE List, ICS advisories) with CVSS v3.1 metrics ...

CVE-2021-47491

In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened readonly and mapped with VMEXEC. The intended usecase is to avoid TLB misses for large text segments...

UBUNTU-CVE-2021-47491

In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened readonly and mapped with VMEXEC. The intended usecase is to avoid TLB misses for large text segments...

CVE-2021-47491 mm: khugepaged: skip huge page collapse for special files

In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened readonly and mapped with VMEXEC. The intended usecase is to avoid TLB misses for large text segments...

CVE-2021-47491 mm: khugepaged: skip huge page collapse for special files

In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened readonly and mapped with VMEXEC. The intended usecase is to avoid TLB misses for large text segments...

5 key MDR differentiators to look for to build stronger security resilience

Organizations looking to address the skills gap and bring greater efficiency as their business grows and their attack surface sprawls are turning to MDR providers at an accelerated pace. We’ve seen predictions from top analyst firms signaling the rapid rate of adoption of an MDR provider by 2025...

A SaaS Security Challenge: Getting Permissions All in One Place 

Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user's base permission is determined by their role, while additional permissions may ...

New capabilities to help you secure your AI transformation

AI is transforming our world, unlocking new possibilities to enhance human abilities and to extend opportunities globally. At the same time, we are also facing an unprecedented threat landscape with the speed, scale, and sophistication of attacks increasing rapidly. To meet these challenges, we...

When is One Vulnerability Scanner Not Enough?

Like antivirus software, vulnerability scans rely on a database of known weaknesses. That's why websites like VirusTotal exist, to give cyber practitioners a chance to see whether a malware sample is detected by multiple virus scanning engines, but this concept hasn't existed in the vulnerability...

Docker Engine 26.0.0 < 26.0.2 Unexpected Resource Exposure

The version of the Docker Engine installed on the remote host is 26.0.x prior to 26.0.2. It is therefore affected by an unexpected resource exposure vulnerability. In the affected versions of Moby, an open source container framework that is a key component of Docker Engine, Docker Desktop, and...

Unveiling the Hidden Power of the CMDB in Cybersecurity

In the ever-evolving landscape of cybersecurity, where attacks grow increasingly sophisticated, organizations must leverage every tool at their disposal to stay one step ahead. While CISOs and SecOps teams often focus on disciplines such as vulnerability detection, attack surface management, and...