Lucene search
+L
Rapid7blogMost viewed

1728 matches found

Rapid7 Blog
Rapid7 Blog
added 2022/03/03 10:53 p.m.482 views

The Top 5 Russian Cyber Threat Actors to Watch

This post was updated on March 10, 2022 to include a section on the Conti Ransomware Group. As we continue to monitor the situation between Russia and Ukraine – and the potential for global cybersecurity impacts – we realize that our customers and other business and industry stakeholders may be...

9.3CVSS0.4AI score0.81628EPSS
Exploits22
Rapid7 Blog
Rapid7 Blog
added 2022/06/09 4:39 p.m.474 views

Announcing Metasploit 6.2

Metasploit 6.2.0 has been released, marking another milestone that includes new modules, features, improvements, and bug fixes. Since Metasploit 6.1.0 August 2021 until the latest Metasploit 6.2.0 release we’ve added: 138 new modules 148 enhancements and features 156 bug fixes Top modules Each...

10CVSS0.99999EPSS
Exploits570
Rapid7 Blog
Rapid7 Blog
added 2022/03/18 5:38 p.m.460 views

Metasploit Weekly Wrap-Up

CVE-2022-21999 - SpoolFool Our very own Shelby Pace has added a new module for the CVE-2022-21999 SpoolFool privilege escalation vulnerability. This escalation vulnerability can be leveraged to achieve code execution as SYSTEM. This new module has successfully been tested on Windows 10 10.0 Build...

7.5CVSS0.5AI score0.99657EPSS
Exploits32
Rapid7 Blog
Rapid7 Blog
added 2021/03/03 7:23 p.m.439 views

Mass Exploitation of Exchange Server Zero-Day CVEs: What You Need to Know

On March 2, 2021, the Microsoft Threat Intelligence Center MSTIC released details on an active state-sponsored threat campaign exploiting four zero-day vulnerabilities in on-premises instances of Microsoft Exchange Server. MSTIC attributes this campaign to HAFNIUM, a group “assessed to be...

7.5CVSS9.4AI score0.99999EPSS
Exploits69
Rapid7 Blog
Rapid7 Blog
added 2021/01/08 7:54 p.m.421 views

Metasploit Wrap-Up

Struts2 Multi Eval OGNL RCE Our very own zeroSteiner added exploit/multi/http/struts2multievalognl, which exploits Struts2 evaluating OGNL expressions in HTML attributes multiple times CVE-2019-0230 and CVE-2020-17530. The CVE-2019-0230 OGNL chain for remote code execution requires a one-time cha...

10CVSS9.4AI score0.97822EPSS
Exploits46
Rapid7 Blog
Rapid7 Blog
added 2021/06/18 4:46 p.m.405 views

Metasploit Wrap-Up

I'm very Emby-ous Community contributor btnz-k has authored a new Emby Version Scanner module consisting of both an exploit and a scanner for the SSRF vulnerability found in Emby. Emby is a previously open source media server designed to organize, play, and stream audio and video to a variety of...

9CVSS0.87154EPSS
Exploits15
Rapid7 Blog
Rapid7 Blog
added 2024/02/05 7:8 p.m.404 views

Exploring the (Not So) Secret Code of Black Hunt Ransomware

It seems like every week, the cybersecurity landscape sees the emergence of yet another ransomware variant, with Black Hunt being one of the latest additions. Initially reported by cybersecurity researchers in 2022, this new threat has quickly made its presence known. In a recent incident, Black...

8.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/04/05 4:9 p.m.401 views

Using InsightVM Remediation Projects To Ensure Accountability

One benefit of InsightVM reporting is that it enables security teams to build accountability into remediation projects. There are a number of ways this can be accomplished and the approach you take will be dictated by your organization’s specific structure and needs. In this blog, we’ll look at t...

6.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/07/16 7:47 p.m.397 views

Metasploit Wrap-Up

Eternal Blue improvements Prior to this release Metasploit offered two separate exploit modules for targeting MS17-010, dubbed Eternal Blue. The Ruby module previously only supported Windows 7, and a separate ms17010eternalbluewin8 Python module would target Windows 8 and above. Now Metasploit...

10CVSS1.1AI score0.99999EPSS
Exploits58
Rapid7 Blog
Rapid7 Blog
added 2022/04/01 10:26 p.m.391 views

Securing Your Applications Against Spring4Shell (CVE-2022-22965)

The warm weather is starting to roll in, the birds are chirping, and Spring... well, Spring4Shell is making a timely entrance. If you’re still recovering from Log4Shell, we’re here to tell you you're not alone. While discovery and research of CVE-2022-22965 is evolving, Rapid7 is committed to...

7.5CVSS0.2AI score0.99677EPSS
Exploits103
Rapid7 Blog
Rapid7 Blog
added 2021/11/12 3:36 p.m.388 views

Metasploit Wrap-Up

Callback Hell Metasploit has now added an exploit module for CVE-2021-40449, a Windows local privilege escalation exploit caused by a use-after-free during the NtGdiResetDC callback in vulnerable versions of win32k.sys. This module can be used to escalate privileges to those of NT AUTHORITY\SYSTE...

6.8CVSS9AI score0.73381EPSS
Exploits18
Rapid7 Blog
Rapid7 Blog
added 2021/04/16 6:9 p.m.373 views

Metasploit Wrap-Up

Google Chrome exploits return Community member r4j0x00 contributed a new module for CVE-2020-16040, an integer overflow in the SimplifiedLowering phase of TurboFan in Google Chrome = 87.0.4280.66 that grants attackers RCE. Whilst the exploit in and of itself does not grant RCE by default, unless...

9CVSS0.8AI score0.99595EPSS
Exploits23
Rapid7 Blog
Rapid7 Blog
added 2020/10/19 1:6 p.m.370 views

Are You Still Running End-of-Life Windows Servers?

Windows Server 2008 and 2008 R2 reached their end of life EOL on Jan. 14, 2020. What does that mean in practice? Well, any instances running these versions of Windows Server are no longer supported by Microsoft—no more automated fixes, updates, or technical assistance. From a security standpoint,...

9.3CVSS0.99512EPSS
Exploits75
Rapid7 Blog
Rapid7 Blog
added 2021/03/12 9:45 p.m.369 views

Metasploit Wrap-Up

Archive directory traversals, now with your daily allowance of JSP In a year already full of hot vulnerabilities, CVE-2021-21972 in VMware's vCenter Server may already seem like old news. It's not, though! Thanks to wvu-r7 for grabbing this unauthenticated file upload combined with archive...

10CVSS1.5AI score0.9957EPSS
Exploits55
Rapid7 Blog
Rapid7 Blog
added 2021/07/27 2:30 p.m.365 views

Multiple Open Source Web App Vulnerabilities Fixed

Today, Rapid7 is disclosing 9 vulnerabilities that affect 3 open-source projects: EspoCRM, Pimcore, and Akaunting. Right out of the gate, I'd like to give a special thanks to these 3 open-source project maintainers. While it's never great to learn of new vulnerabilities in your own product, all 3...

9CVSS8.1AI score0.01499EPSS
Exploits8
Rapid7 Blog
Rapid7 Blog
added 2022/08/26 9:47 p.m.364 views

Metasploit Wrap-Up

Zimbra Auth Bypass to Shell Ron Bowes added an exploit module that targets multiple versions of Zimbra Collaboration Suite. The module leverages an authentication bypass CVE-2022-37042 and a directory traversal vulnerability CVE-2022-27925 to gain code execution as the zimbra user. The auth bypas...

6.5CVSS0.5AI score0.98975EPSS
Exploits31
Rapid7 Blog
Rapid7 Blog
added 2022/05/09 5:57 p.m.363 views

Active Exploitation of F5 BIG-IP iControl REST CVE-2022-1388

On May 4, 2022, F5 released an advisory listing several vulnerabilities, including CVE-2022-1388, a critical authentication bypass that leads to remote code execution in iControl REST with a CVSSv3 base score of 9.8. The vulnerability affects several different versions of BIG-IP prior to 17.0.0,...

10CVSS0.8AI score0.99999EPSS
Exploits312
Rapid7 Blog
Rapid7 Blog
added 2022/03/30 10:33 p.m.354 views

Spring4Shell: Zero-Day Vulnerability in Spring Framework (CVE-2022-22965)

Rapid7 has completed remediating the instances of Spring4Shell CVE-2022-22965 and Spring Cloud CVE-2022-22963 vulnerabilities that we found on our internet-facing services and systems. For further information and updates about our internal response to Spring4Shell, please see our post here. If yo...

9.3CVSS9.9AI score0.99999EPSS
Exploits485
Rapid7 Blog
Rapid7 Blog
added 2021/06/30 6:15 p.m.352 views

CVE-2021-34527 (PrintNightmare): What You Need to Know

Vulnerability note: This blog originally referenced CVE-2020-1675, but members of the community noted the week of June 29 that the publicly available exploits that purported to exploit CVE-2021-1675 may in fact have been targeting a new vulnerability in the same function as CVE-2021-1675. This wa...

9.3CVSS0.5AI score0.99759EPSS
Exploits75
Rapid7 Blog
Rapid7 Blog
added 2023/04/26 4:54 p.m.351 views

Using Rapid7 Insight Agent and InsightVM Scan Assistant in Tandem

Background Rapid7 Insight Agent and InsightVM Scan Assistant are executables that can be deployed to assist in understanding the vulnerabilities in your environment. Frequently there are questions around when and where you would deploy each, if you need both, what they actually monitor, etc. This...

6.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/07/29 8:32 p.m.349 views

Metasploit Weekly Wrap-Up

Roxy-WI Unauthenticated RCE This week, community member Nuri Çilengir added an unauthenticated RCE for Roxy-WI. Roxy-WI is an interface for managing HAProxy, Nginx and Keepalived servers. The vulnerability can be triggered by a specially crafted POST request to a Python script where the ipbackend...

10CVSS10AI score0.90387EPSS
Exploits15
Rapid7 Blog
Rapid7 Blog
added 2022/05/31 1:22 p.m.348 views

3 Takeaways From the 2022 Verizon Data Breach Investigations Report

Sometimes, data surprises you. When it does, it can force you to rethink your assumptions and second-guess the way you look at the world. But other times, data can reaffirm your assumptions, giving you hard proof they're the right ones — and providing increased motivation to act decisively based ...

9.3CVSS10AI score0.99999EPSS
Exploits354
Rapid7 Blog
Rapid7 Blog
added 2021/09/15 2:30 p.m.341 views

OMIGOD: How to Automatically Detect and Fix Microsoft Azure’s New OMI Vulnerability

Update: On September 16, 2021, Microsoft released an updated OMS agent v1.13.40-0 that addresses these vulnerabilities. You can download the updated version from Microsoft's GitHub repo here. In response, our team is updating the pre-built insight in InsightCloudSec to specifically look for...

7.5CVSS1.6AI score0.99723EPSS
Exploits20
Rapid7 Blog
Rapid7 Blog
added 2022/09/29 8:50 p.m.336 views

CVE-2022-41040 and CVE-2022-41082: Unpatched Zero-Day Vulnerabilities in Microsoft Exchange Server

On Thursday, September 29, a Vietnamese security firm called GTSC published information and IOCs on what they claimed was a pair of unpatched Microsoft Exchange Server vulnerabilities being used in attacks on their customers’ environments dating back to early August 2022. The impact of...

9.4AI score0.9997EPSS
Exploits16
Rapid7 Blog
Rapid7 Blog
added 2022/06/14 5:10 p.m.336 views

CVE-2022-32230: Windows SMB Denial-of-Service Vulnerability (FIXED)

A remote and unauthenticated attacker can trigger a denial-of-service condition on Microsoft Windows Domain Controllers by leveraging a flaw that leads to a null pointer deference within the Windows kernel. We believe this vulnerability would be scored as CVSSv3 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:...

10CVSS8.9AI score0.99938EPSS
Exploits30
Rapid7 Blog
Rapid7 Blog
added 2021/08/13 6:25 p.m.335 views

Metasploit Wrap-Up

Print Driver PrivEsc If you attended DEF CON last week, you may have seen this talk on print driver vulnerabilities from Metasploit community contributor Jacob Baines. In the spirit of Friday the 13th, we're highlighting some of these "print nightmares" again, in the form of two new Metasploit...

7.5CVSS9.9AI score0.95355EPSS
Exploits12
Rapid7 Blog
Rapid7 Blog
added 2021/02/09 11:51 p.m.332 views

Patch Tuesday - February 2021

The second Patch Tuesday of 2021 is relatively light on the vulnerability count, with 64 CVEs being addressed across the majority of Microsoft’s product families. Despite that, there’s still plenty to discuss this month. Vulnerability Breakdown by Software Family Family | Vulnerability Count...

9.3CVSS0.3AI score0.99512EPSS
Exploits116
Rapid7 Blog
Rapid7 Blog
added 2021/07/23 7:39 p.m.329 views

Metasploit Wrap-Up

Now I Control Your Resource Planning Servers Sage X3 is a resource planning product designed by Sage Group which is designed to help established businesses plan out their business operations. But what if you wanted to do more than just manage resources? What if you wanted to hijack the resource...

10CVSS0.94089EPSS
Exploits21
Rapid7 Blog
Rapid7 Blog
added 2021/01/22 7:21 p.m.329 views

Metasploit Wrap-Up

Metasploit Wrapup Windows print spooler vulnerability...again Here we have bwatters-r7 coming in with an exploit for CVE-2020-1337, a patch bypass for a Windows print spooler elevation of privilege vulnerability that was exploited in the wild last year. The original vulnerability, CVE-2020-1048,...

10CVSS9.5AI score0.90049EPSS
Exploits19
Rapid7 Blog
Rapid7 Blog
added 2020/12/24 2:0 p.m.328 views

Top Security Recommendations for 2021

Happy HaXmas! We hope everyone is having a wonderful holiday season so far. This year has been wild and unpredictable, and has brought unique risks and threats to the forefront of business activities. So, to help everyone stay safer in 2021, the Strategic Advisory Services team here at Rapid7 is...

6.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/08/03 8:13 p.m.326 views

PetitPotam: Novel Attack Chain Can Fully Compromise Windows Domains Running AD CS

The PetitPotam attack vector was assigned CVE-2021-36942 and patched on August 10, 2021. See the Updates section at the end of this post for more information. Late last month July 2021, security researcher Topotam published a proof-of-concept PoC implementation of a novel NTLM relay attack...

0.2AI score0.66023EPSS
Exploits4
Rapid7 Blog
Rapid7 Blog
added 2022/08/05 3:13 p.m.324 views

CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE

The VMware Workspace ONE Access, Identity Manager, and vRealize Automation products contain a locally exploitable vulnerability whereby the under-privileged horizon user can escalate their permissions to those of the root user. Notably, the horizon user runs the externally accessible web...

10CVSS9.9AI score0.99997EPSS
Exploits28
Rapid7 Blog
Rapid7 Blog
added 2022/01/19 9:47 p.m.324 views

[Security Nation] Mike Hanley of GitHub on the Log4j Vulnerability

!\Security Nation\ Mike Hanley of GitHub on the Log4j Vulnerabilityhttps://blog.rapid7.com/content/images/2022/01/securitynationlogo.jpg In our first episode of Security Nation Season 5, Jen and Tod chat with Mike Hanley, Chief Security Officer at GitHub, all about the major vulnerability in...

9.3CVSS0.2AI score0.99999EPSS
Exploits354
Rapid7 Blog
Rapid7 Blog
added 2020/10/14 2:38 a.m.321 views

There Goes The Neighborhood: Dealing With CVE-2020-16898 (and CVE-2020-1656) (aka"Bad Neighbor")

If you’re in the U.S. and were waiting for an “October surprise”, look no further than CVE-2020-16898 which is a remote code execution RCE vulnerability in the Windows TCP/IP stack, or what our own Tod Beardsley likes to call “exploiting poor implementations of core IETF RFCs”. The vulnerability...

5.8CVSS9AI score0.09686EPSS
Exploits12
Rapid7 Blog
Rapid7 Blog
added 2021/08/12 5:13 p.m.319 views

Popular Attack Surfaces, August 2021: What You Need to Know

See the Updates section at the end of this post for new information as it comes to light. Whether you attended virtually, IRL, or not at all, Black Hat and DEF CON have officially wrapped, and security folks’ brains are replete with fresh information on new and some not-so-new vulnerabilities and...

10CVSS9.6AI score0.99999EPSS
Exploits186
Rapid7 Blog
Rapid7 Blog
added 2021/07/30 6:4 p.m.314 views

Metasploit Wrap-Up

New Olympic Discipline: Hive Hunting This week, community contributor Hakyac added a new Olympic discipline to Metasploit exploit sport category, which is based on the work of community security researchers @jonasLyk and Kevin Beaumont. The rules are simple: You need to abuse a flaw in Windows 10...

8.3CVSS0.6AI score0.88158EPSS
Exploits36
Rapid7 Blog
Rapid7 Blog
added 2023/09/12 10:55 p.m.311 views

Patch Tuesday - September 2023

Microsoft is addressing 65 vulnerabilities this September Patch Tuesday, including two zero-day vulnerabilities, as well as four critical remote code execution RCE vulnerabilities, and six republished third-party vulnerabilities. Word: zero-day NTLM hash disclosure Microsoft Word receives a patch...

7.5CVSS9.3AI score0.99735EPSS
Exploits39
Rapid7 Blog
Rapid7 Blog
added 2022/05/13 4:52 p.m.307 views

Metasploit Weekly Wrap-Up

Spring4Shell module Community contributor vleminator added a new module which exploits CVE-2022-22965—more commonly known as "Spring4Shell." Depending on its deployment configuration, Java Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older can be vulnerable to unauthenticated...

10CVSS1.3AI score0.99956EPSS
Exploits173
Rapid7 Blog
Rapid7 Blog
added 2022/07/28 2:0 p.m.302 views

What’s New in InsightVM and Nexpose: Q2 2022 in Review

The Vulnerability Management team kicked off Q2 by remediating the instances of Spring4Shell CVE-2022-22965 and Spring Cloud CVE-2022-22963 vulnerabilities that impacted cybersecurity teams worldwide. We also made several investments to both InsightVM and Nexpose throughout the second quarter tha...

9.3CVSS0.6AI score0.99999EPSS
Exploits478
Rapid7 Blog
Rapid7 Blog
added 2022/08/09 7:34 p.m.299 views

Patch Tuesday - August 2022

It's the week of Hacker Summer Camp in Las Vegas, and Microsoft has published fixes for 141 separate vulnerabilities in their swath of August updates. This is a new monthly record by raw CVE count, but from a patching perspective, the numbers are slightly less dire. 20 CVEs affect their...

9.3CVSS1.2AI score0.99374EPSS
Exploits65
Rapid7 Blog
Rapid7 Blog
added 2022/02/15 3:16 p.m.293 views

How InsightAppSec Detects Log4Shell: Your Questions Answered

If you’re reading this, that means you survived the year 2021, so congratulations! For everyone in the software industry, and especially those in cybersecurity, the past 12 months probably felt like 12 rounds in the ring. Remember the Solarwinds attack and the resulting scramble to mitigate suppl...

9.3CVSS0.4AI score0.99999EPSS
Exploits354
Rapid7 Blog
Rapid7 Blog
added 2022/05/19 1:54 p.m.292 views

CVE-2022-22972: Critical Authentication Bypass in VMware Workspace ONE Access, Identity Manager, and vRealize Automation

On May 18, 2022, VMware published VMSA-2022-0014 on CVE-2022-22972 and CVE-2022-22973. The more severe of the two vulnerabilities is CVE-2022-22972, a critical authentication bypass affecting VMware’s Workspace ONE Access, Identity Manager, and vRealize Automation solutions. The vulnerability...

10CVSS0.6AI score0.99997EPSS
Exploits34
Rapid7 Blog
Rapid7 Blog
added 2021/06/30 3:26 p.m.292 views

ForgeRock Access Manager/OpenAM Pre-Auth Remote Code Execution Vulnerability (CVE-2021-35464): What You Need To Know

On June 29, 2021, security researcher Michael Stepankin @artsploit posted details of CVE-2021-35464, a pre-auth remote code execution RCE vulnerability in ForgeRock Access Manager identity and access management software. ForgeRock front-ends web applications and remote access solutions in many...

1.3AI score0.99999EPSS
Exploits8
Rapid7 Blog
Rapid7 Blog
added 2020/12/23 2:2 p.m.290 views

Metasploit Tips and Tricks for HaXmas 2020

For this year's HaXmas, we're giving the gift of Metasploit knowledge! We'll cover a mix of old, new, or recently improved features that you can incorporate into your workflows. Some of our readers may already know these tips and tricks for using Metasploit, but for the others who aren't aware of...

7.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/03/04 9:52 p.m.286 views

Metasploit Weekly Wrap-Up

This week’s Metasploit Framework release brings us seven new modules. IP Camera Exploitation Rapid7’s Jacob Baines was busy this week with two exploit modules that target IP cameras. The first module exploits an authenticated file upload on Axis IP cameras. Due to lack of proper sanitization, an...

9.3CVSS0.99869EPSS
Exploits215
Rapid7 Blog
Rapid7 Blog
added 2022/03/04 2:30 p.m.286 views

Russia-Ukraine Cybersecurity Updates

Cyberattacks are a distinct concern in the Russia-Ukraine conflict, with the potential to impact individuals and organizations far beyond the physical frontlines. With events unfolding rapidly, we want to provide a single channel by which we can communicate to the security community the major...

9.3CVSS0.4AI score0.99759EPSS
Exploits75
Rapid7 Blog
Rapid7 Blog
added 2022/09/13 8:11 p.m.283 views

Patch Tuesday - September 2022

This month’s Patch Tuesday is on the lighter side, with 79 CVEs being fixed by Microsoft including 16 CVEs affecting Chromium, used by their Edge browser, that were already available. One zero-day was announced: CVE-2022-37969 is an elevation of privilege vulnerability affecting the Log File Syst...

1.9CVSS1.1AI score0.85762EPSS
Exploits14
Rapid7 Blog
Rapid7 Blog
added 2021/08/20 7:12 p.m.280 views

Metasploit Wrap-Up

Anyone enjoy making chains? The community is hard at work building chains to pull sessions out of vulnerable Exchange servers. This week Rapid7's own wvu & Spencer McIntyre added a module that implements the ProxyShell exploit chain originally demonstrated by Orange Tsai. The module also benefite...

10CVSS0.2AI score0.99999EPSS
Exploits23
Rapid7 Blog
Rapid7 Blog
added 2022/04/15 2:22 p.m.278 views

Let's Dance: InsightAppSec and tCell Bring New DevSecOps Improvements in Q1

To the left, to the left, to the right, right — the CI/CD Pipeline is on the move. DevSecOps is all about adding security across the application lifecycle. A popular approach to application security is to shift left, which means moving security earlier in the software development lifecycle SDLC...

9.3CVSS0.1AI score0.99999EPSS
Exploits447
Rapid7 Blog
Rapid7 Blog
added 2022/02/25 1:31 a.m.278 views

Staying Secure in a Global Cyber Conflict

Now that Russia has begun its armed invasion of Ukraine, we should expect increasing risks of cybersecurity attacks and incidents, either as spillover from cyberattacks targeting Ukraine or direct attacks against actors supporting Ukraine. Any state-sponsored Russian attacks aiming to support the...

9CVSS0.6AI score0.99965EPSS
Exploits34
Total number of security vulnerabilities1728