What’s New in Rapid7 Detection & Response: Q3 2023 in Review

This post takes a look at some of the investments we've made throughout Q3 2023 to our Detection and Response offerings to provide advanced DFIR capabilities with Velociraptor, more flexibility with custom detection rules, enhancements to our dashboard and log search features, and more. Stop...

CVE-2023-5113

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

CVE-2023-5113

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

Cross site scripting

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

CVE-2023-5113 Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

CVE-2023-5113

CVE-2023-5113 affects HP Enterprise LaserJet and HP LaserJet Managed Printers. The vulnerability arises from WS-Print handling and possible Cross-Site Scripting via jQuery-UI, enabling denial of service and XSS conditions. Documented impact is a MEDIUM severity with network access required and us...

Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. Update your printer firmware...

Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement

Microsoft security researchers recently identified a campaign where attackers attempted to move laterally to a cloud environment through a SQL Server instance. This attack technique demonstrates an approach weve seen in other cloud services such as VMs and Kubernetes cluster, but not in SQL Serve...

AWS Graviton Use Cases

Discover how AWS Graviton’s optimized processors help provide a superior price-performance ratio. Available for AWS-managed services, you’ll gain insight on strategies, use cases, and insight on how to get the most out of AWS Graviton...

Malwarebytes MDR wins G2 awards for "Best ROI," "Easiest to Use," and more

Malwarebytes Managed Detection and Response MDR earned a placed in 12 new reports on G2s Fall 2023 reports, winning badges for "Easiest to do Business With," "Best Est. ROI," "Easiest to Use," and "Easiest Admin." Purpose-built for resource constrained teams, Malwarebytes MDR provides IT staff wi...

Webinar: Bridging digital transformation & cybersecurity

Digital transformation may be revolutionizing businesses and the way we operate, but it also presents notable challenge: How can organizations stay secure amidst the ceaseless tide of change? Our latest Byte Into Security webinar has the answers. Meet the Experts Marcin Kleczynski, CEO of...

Hive Pro Partners with Tech Titan to Fortify Cybersecurity Landscape in Southeast Asia

HERNDON, VA., Sept. 26, 2023 - Hive Pro®, a pioneer vendor in Threat Exposure Management, is thrilled to announce a strategic partnership with Tech Titan Group, a leading IT Solutions Provider renowned for its innovation-driven approach and dedication to addressing evolving customer needs across...

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a denial of service due to IBM MQ (CVE-2023-28513).

Summary Features requiring MQ client connectivity in IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a denial of service due to IBM MQ CVE-2023-28513. The fix includes IBM Managed File Transfer and IBM MQ classes for Java at version 9.2.0.15 Vulnerability Details...

Hive Pro Celebrates Remarkable Milestones in Securicom MSSP Partnership

HERNDON, VA., Sept. 13, 2023 - Hive Pro®, a pioneer vendor in Threat Exposure Management, is thrilled to announce significant achievements in its collaboration with Securicom, a customer-centric Global Managed IT Security Services Provider MSSP. This partnership marks a crucial step forward in...

ALSA-2023:5146 Moderate: .NET 7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.111 and .NET Runtime 7.0.11...

ALSA-2023:5145 Moderate: .NET 7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.111 and .NET Runtime 7.0.11...

JSCAPE MFT Server Code Issue Vulnerability

JSCAPE MFT Server is a flexible and scalable hosted file transfer solution from JSCAPE USA. A security vulnerability exists in JSCAPE MFT Server versions prior to 2023.1.9 that stems from the presence of insecure deserialization, which allows an attacker to run arbitrary Java code through its...

PT-2023-4877 · Jscape · Jscape Mft Server

Name of the Vulnerable Software and Affected Versions: JSCAPE MFT Server versions prior to 2023.1.9 Description: The issue is related to unsafe deserialization in the JSCAPE MFT Server, which allows an attacker to execute arbitrary Java code, including OS commands, via its management interface...

Oracle Linux 8 : bind (ELSA-2019-3552)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3552 advisory. - Fix CVE-2018-5745 - Fix CVE-2019-6465 - Fix CVE-2019-6471 Tenable has extracted the preceding description block directly from the Oracle Linux securi...

.NET 7.0 bugfix update

An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the .N...