From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

In this article 1. Attack chain overview 1. Initial access: Exploiting edge appliances 2. Discovery and reconnaissance 3. Lateral movement and identity compromise 2. Mitigation and protection guidance 1. Microsoft Defender XDR detections 2. Advanced hunting 3. Indicators of compromise IOC 4. MITR...

Exploit for Incorrect Default Permissions in Amazon Amplify_Cli

skycenter Attack Chain Security Analysis Engine for AWS, Azure...

Exposure Management vs Vulnerability Management: Key Differences

Is your security program truly reducing risk, or is it just getting really good at patching? This question is at the heart of the exposure management vs vulnerability management debate. A traditional approach can tell you that a door has a weak lock, but it can't tell you if that door leads to a...

Advisory ROSA-SA-2024-2464

Software: util-linux 2.32.1 OS: ROSA Virtualization 2.1 packageevrstring: util-linux-2.32.1 CVE-ID: CVE-2022-0563 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A compilation vulnerability with Readline support has been discovered in the util-linux utilities chfn and chsh. The Readline library uses the...

What’s New in Rapid7 Products & Services: Q2 2024 in Review

This quarter we continued to make investments that provide security professionals with a holistic, actionable view of their entire attack surface. In Q2, we focused on enhancing visualization, prioritization, and integration capabilities across our key products and services. Below we’ve highlight...

Uncover and Remediate Toxic Combinations with Attack Path Analysis

Particularly at enterprise scale, it’s not uncommon to have hundreds of thousands of resources running across your cloud environments at any given time. Of course, these resources aren’t running independently. In modern environments, these resources are all interconnected and in many cases...

Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections

Security teams face an expanding attack surface as organizations increasingly use cloud-native services to develop, deploy, and manage applications across their multicloud and hybrid environments. Their challenge is compounded by incomplete visibility, siloed processes, and a lack of prioritized...

Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections

Security teams face an expanding attack surface as organizations increasingly use cloud-native services to develop, deploy, and manage applications across their multicloud and hybrid environments. Their challenge is compounded by incomplete visibility, siloed processes, and a lack of prioritized...

A new vision for cloud security unites builders and defenders

Our introduction of attack path analysis APA and Cloud Detection and Response CDR further enriches the context provided by our foundational Wiz Security Graph...