Lucene search
+L

150 matches found

Rapid7 Blog
Rapid7 Blog
added 2023/11/29 3:46 p.m.6 views

Rapid7 Takes Next Step in AI Innovation with New AI-Powered Threat Detections

Digital transformation has created immense opportunity to generate new revenue streams, better engage with customers and drive operational efficiency. A decades-long transition to cloud as the de-facto delivery model of choice has delivered undeniable value to the business landscape. But any chan...

6.6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/11/21 5:0 p.m.37 views

Microsoft named a Leader in 2023 Gartner® Magic Quadrant™ for Access Management for the 7th year​​

Protecting identity from compromise is top of mind for security professionals as identity attacks continue to intensify. Earlier this year we reported that we had observed a nearly three-fold increase in password attacks per second in the last two years, from 579 in 2021 to 4,000 in 2023.1 Identi...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2023/09/29 11:30 a.m.31 views

Skyhook - A Round-Trip Obfuscated HTTP File Transfer Setup Built To Bypass IDS Detections

Skyhook is a REST-driven utility used to smuggle files into and out of networks defended by IDS implementations. It comes with a pre-packaged web client that uses a blend of React, vanilla JS, and web assembly to manage file transfers. Key Links Download here See the user documentation to get...

7.2AI score
Exploits0References5
Malwarebytes
Malwarebytes
added 2023/09/27 8:0 a.m.14 views

Malwarebytes Admin update: New Detection screens to manage threats!

We released version 1.2 of the Malwarebytes Admin app for iOS and Android last week, adding new Detection features make it easier to see and manage threats. Designed as a companion to the Nebula console, Malwarebytes Admin allows administrators to quickly review, investigate, and resolve security...

7AI score
Exploits0
Wiz blog
Wiz blog
added 2023/09/12 2:55 p.m.37 views

Wiz enhances real-time threat detection and response capabilities to stop threats from becoming incidents

The Wiz Runtime Sensor for Kubernetes graduates to general availability with proven ability to detect cloud attacks, greater customization for detections, and new cloud-native response capabilities...

6.9AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2023/07/11 7:0 a.m.21 views

Guidance on Microsoft Signed Drivers Being Used Maliciously

Executive Summary: Microsoft was recently informed that drivers certified by Microsoft’s Windows Hardware Developer Program MWHDP were being used maliciously in post-exploitation activity. In these attacks, the attacker gained administrative privileges on compromised systems before using the...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/29 12:15 p.m.5 views

AceCryptor: Cybercriminals' Powerful Weapon, Detected in 240K+ Attacks

A crypter alternatively spelled cryptor malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its telemetry in 2021 and 2022. This amounts to more than 10,000 hits per...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/25 1:39 p.m.101 views

New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government

An unnamed government entity associated with the United Arab Emirates U.A.E. was targeted by a likely Iranian threat actor to breach the victim's Microsoft Exchange Server with a "simple yet effective" backdoor dubbed PowerExchange. According to a new report from Fortinet FortiGuard Labs, the...

7.6AI score
Exploits0
Trellix
Trellix
added 2023/05/21 12:0 a.m.4 views

Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect - Part 2

Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect - Part 2 By Maulik Maheta · May 21, 2023 This blog was also written by Chintan Shah Executive summary In the part 1 of this series we discussed in depth about the known Lateral movement attacks like abusing weak service...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/18 9:53 a.m.3 views

Escalating China-Taiwan Tensions Fuel Alarming Surge in Cyber Attacks

The rising geopolitical tensions between China and Taiwan in recent months have sparked a noticeable uptick in cyber attacks on the East Asian island country. "From malicious emails and URLs to malware, the strain between China's claim of Taiwan as part of its territory and Taiwan's maintained...

7.3AI score
Exploits0
CISA
CISA
added 2023/05/09 12:0 p.m.4 views

CISA and Partners Disclose Snake Malware Threat From Russian Cyber Actors

Today, CISA and partners released a joint advisory for a sophisticated cyber espionage tool used by Russian cyber actors. Hunting Russian Intelligence “Snake” Malware provides technical descriptions of the malware’s host architecture and network communications, and mitigations to help detect and...

7AI score
Exploits0References4
Akamai Blog
Akamai Blog
added 2023/04/20 1:0 p.m.17 views

Akamai Announces Advanced Bot Detections, Global Recognition of Entities

...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/14 1:30 p.m.19 views

Port scan attacks: Protecting your business from RDP attacks and Mirai botnets

Compromised IP addresses and domains--otherwise legitimate sites that are exploited by hackers without the owner's knowledge--are frequently utilized to conduct port scanning attacks. Port scanning involves systematically scanning a computer network for open ports, which can then be exploited by...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/23 11:47 a.m.4 views

Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data

A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the notorious North Korea-aligned Lazarus Group, new findings reveal. The payload, dubbed WinorDLL64 by ESET, is a fully-featured implant that can exfiltrate, overwrite, and delete...

7.1AI score
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 7:46 p.m.226 views

K54150332: ASP.NET x-up-devcap-post-charset header security exposure

Security Advisory Description An attacker may be able to evade ASM detections by including the x-up-devcap-post-charset header when sending requests to an ASP.NET application, to craft a request payload with language encoding that is not supported by BIG-IP ASM/Advanced WAF, and is different to...

6.6AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.4 views

SUSE CVE-2016-10728

An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the toclient direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection...

5.3CVSS6.9AI score0.02091EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2023/02/03 12:0 a.m.19 views

VMware vRealize Log Insight Detection Consolidation

Consolidation of VMware vRealize Log Insight detections. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include"pluginfeedinfo.inc"; if...

7.4AI score
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2023/02/01 6:33 p.m.12 views

XDR, the Beatles, and Blunt Instruments

Sometimes tools are blunt because there’s nothing else. Regarding economic controls for example, Fed Chair Jerome Powell said: “We have essentially interest rates, the balance sheet and forward guidance. They are famously blunt tools, they are not capable of surgical precision." Others are blunt...

7AI score
Exploits0
Trellix
Trellix
added 2023/01/24 12:0 a.m.29 views

GuLoader: The NSIS Vantage Point

GuLoader: The NSIS Vantage Point By Nico Paulo Yturriaga · January 24, 2023 GuLoader is an advanced shellcode downloader infamous for using anti-analysis tricks to evade detection and obstruct reverse engineering. As of this writing, the GuLoader campaign is aggressively ongoing. Trellix’s...

0.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/12/21 5:35 p.m.82 views

CVE-2022-41080, CVE-2022-41082: Rapid7 Observed Exploitation of `OWASSRF` in Exchange for RCE

Emergent threats evolve quickly, and as we learn more about this vulnerability, this blog post will evolve, too. Beginning December 20, 2022, Rapid7 has responded to an increase in the number of Microsoft Exchange server compromises. Further investigation aligned these attacks to what CrowdStrike...

1.2AI score0.9997EPSS
Exploits11
Rows per page
Query Builder