
1723 matches found

Rapid7 Blog
added 2024/08/05 1:0 p.m., 59 views

Rapid7 Introduces Exposure Command to Eliminate the Security Visibility Gap

Exposure Command provides 360-degree visibility and enables security teams to pinpoint and extinguish your most critical risks. Security and IT teams are experiencing a significant shift in operations as they become more distributed. Development and procurement processes have decentralized, and...

7.1 AI score
Exploits: 0

Rapid7 Blog
added 2024/08/02 6:36 p.m., 35 views

Metasploit Weekly Wrap-Up 08/02/2024

Metasploit goes to Hacker Summer Camp Next week, Metasploit will have demos at both Black Hat and DEF CON where the latest functionality from this year will be presented. The Black Hat demo will be on Thursday the 8th from 10:10 to 11:25 and the DEF CON demo will be on Saturday the 10th from 12:0...

9.8 CVSS, 9 AI score, 0.56838 EPSS
Exploits: 12

Rapid7 Blog
added 2024/08/01 1:30 p.m., 9 views

New Cloud Risk Dashboard: Identifying Toxic Combinations to Drive Faster Remediation

Co-authored by Andrea Ruddy Risks identified within a cloud environment compound to represent a real threat of exploitation. Our cloud risk scoring, introduced recently to insightCloudSec, focuses on these toxic combinations. Toxic combinations are attractive for bad actors who can target multipl...

7.7 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/31 1:0 p.m., 8 views

Celebrating Excellence: Rapid7 Recognized in Newsweek's Greatest Workplaces in America 2024

In a testament to its commitment to fostering an exceptional workplace environment, Rapid7 is proud to be included in Newsweek's Greatest Workplaces in America for 2024. This recognition not only underscores Rapid7's dedication to its people, but also cements its standing among companies that...

7.2 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/30 1:0 p.m., 15 views

New Research: The Proliferation of Cellular in IoT

Researchers explain the trend and argue for deeper understanding. Analysis of Cellular Based Internet of Things (IoT) Technology is a new whitepaper co-authored by Rapid7 principal security researcher Deral Heiland and Thermo Fisher Scientific lead product security researcher Carlota Bindner. In thi...

7.5 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/30 12:28 a.m., 162 views

VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns

On Monday, July 29, Microsoft published an extensive threat intelligence blog on observed exploitation of CVE-2024-37085, an Active Directory integration authentication bypass vulnerability affecting Broadcom VMware ESXi hypervisors. The vulnerability, according to Redmond, was identified in...

9.8 CVSS, 7.8 AI score, 0.96823 EPSS
Exploits: 2

Rapid7 Blog
added 2024/07/30 12:28 a.m., 4 views

VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns

On Monday, July 29, Microsoft published an extensive threat intelligence blog on observed exploitation of CVE-2024-37085, an Active Directory integration authentication bypass vulnerability affecting Broadcom VMware ESXi hypervisors. The vulnerability, according to Redmond, was identified in...

7.2 CVSS, 8.2 AI score, 0.2677 EPSS
Exploits: 0

Rapid7 Blog
added 2024/07/29 2:0 p.m., 5 views

Key Takeaways From The Take Command Summit: Building Resilient Cyber Defenses Through AI

One of the most talked-about sessions at the Take Command 2024 Cybersecurity Virtual Summit, "Control the Chaos: Building Resilient Cyber Defenses Through AI," featured experts from AWS and Rapid7 exploring how artificial intelligence is transforming cybersecurity and sharing practical guidance on...

7.3 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/26 6:7 p.m., 42 views

Metasploit Weekly Wrap-Up 07/26/2024

New module content 3 Magento XXE Unserialize Arbitrary File Read Authors: Heyder and Sergey Temnikov Type: Auxiliary Pull request: 19304 contributed by heyder Path: gather/magentoxxecve202434102 AttackerKB reference: CVE-2024-34102 Description: This adds an auxiliary module for an XXE which resul...

9.8 CVSS, 8.3 AI score, 0.99994 EPSS
Exploits: 35

Rapid7 Blog
added 2024/07/26 1:30 p.m., 8 views

Key Takeaways From The Take Command Summit: Command Your Cloud

The Cloud security landscape is constantly changing. During the "Command Your Cloud" session at the Rapid7 Take Command Summit, industry experts Ryan Blanchard, Jeffrey Gardner and Devin Krugly shared vital strategies for staying ahead of that constant change. Effective cloud security requires a...

7.3 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/26 1:5 p.m., 25 views

CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery

Automation 360 Robotic Process Automation suite v21-v32 is vulnerable to unauthenticated Server-Side Request Forgery (SSRF). SSRF occurs when the server can be induced to perform arbitrary requests on behalf of an attacker. An attacker with unauthenticated access to the Automation 360 Control Room...

6.9 CVSS, 7.4 AI score, 0.30172 EPSS
Exploits: 0

Rapid7 Blog
added 2024/07/26 1:5 p.m., 5 views

CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery

Automation 360 Robotic Process Automation suite v21-v32 is vulnerable to unauthenticated Server-Side Request Forgery (SSRF). SSRF occurs when the server can be induced to perform arbitrary requests on behalf of an attacker. An attacker with unauthenticated access to the Automation 360 Control Room...

6.9 CVSS, 8 AI score, 0.30172 EPSS
Exploits: 0

Rapid7 Blog
added 2024/07/25 7:54 p.m., 10 views

From Top Dogs to Unified Pack

Embracing a consolidated security ecosystem Cybersecurity is as unpredictable as it is rewarding. Each day often presents a new set of challenges and responsibilities, particularly as organizations accelerate digital transformation efforts. This means you and your cyber team may find yourselves...

7.2 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/25 1:30 p.m., 13 views

Buying Stuff For Free From Shopping Websites

Rapid7 is often tasked with evaluating the security of e-commerce sites. When dealing directly with customer financials, the security of these transactions is a top concern. Fortunately, there are ample pre-built e-commerce platforms one can simply purchase or install. From an attacker’s...

7.6 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/24 1:0 p.m., 21 views

Malware Campaign Lures Users With Fake W2 Form

The following analysts contributed to the research: Evan McCann, Matt Smith, Ipek Solak, Jake McMahon. Rapid7 has recently observed a campaign targeting users searching for W2 forms using the Microsoft search engine Bing. Users are subsequently directed to a fake IRS website, enticing them to...

7.6 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/19 4:46 p.m., 35 views

Metasploit Weekly Wrap-Up 7/19/2024

GeoServer Unauthenticated RCE This week, contributor h00die-gr3y added an interesting exploit module that targets the GeoServer open-source application. This software is used to view, edit, and share geospatial data. Versions prior to 2.23.6, versions between 2.24.0 and 2.24.3 and versions betwee...

9.8 CVSS, 8.2 AI score, 0.99813 EPSS
Exploits: 25

Rapid7 Blog
added 2024/07/18 4:45 p.m., 9 views

Unveiling Key Insights from the 2024 Take Command Summit

The 2024 Take Command Summit, held virtually in partnership with AWS, united over 2,000 security professionals to delve into critical cybersecurity issues. Our infographic captures the essence of the summit, showcasing expert insights from 10 sessions on topics like new attack intelligence, AI...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/16 8:0 p.m., 6 views

Defending Against APTs: A Learning Exercise with Kimsuky

The “evolving threat landscape” is a term we often hear within webinars and presentations taking place across the cybersecurity industry. Such a catch-all term is intended to capture the litany of threat groups and their evolving tactics, but in many ways it fails to truly acknowledge the growth ...

6.7 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/12 2:33 p.m., 46 views

Metasploit Weekly Wrap-Up 07/12/2024

The Usual Suspects This release features two new exploits targeting old friends: Confluence and Ivanti. CVE-2024-21683 is a very easy vulnerability to exploit, but as pointed out in the AttackerKB Review, it requires authentication as a ‘Confluence Administrator.’ On the other hand, CVE-2024-2982...

8.8 CVSS, 8.6 AI score, 0.99951 EPSS
Exploits: 14

Rapid7 Blog
added 2024/07/11 1:0 p.m., 22 views

What’s New in Rapid7 Products & Services: Q2 2024 in Review

This quarter we continued to make investments that provide security professionals with a holistic, actionable view of their entire attack surface. In Q2, we focused on enhancing visualization, prioritization, and integration capabilities across our key products and services. Below we’ve highlight...

7.6 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/10 1:30 p.m., 8 views

Takeaways From The Take Command Summit: Unlocking ROI in Security

Rapid7 CMO Cindy Stanton hosted a discussion with Cindy Stanton, Byron Anderson, Principal InfoSec Engineer, KinderCare Learning Companies and Gaël Frouin Director IT Security, AAA Northeast to talk strategies for measuring team performance and demonstrating ROI in cybersecurity at Rapid7’s rece...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/09 8:3 p.m., 8 views

Patch Tuesday - July 2024

Microsoft is addressing 139 vulnerabilities this July 2024 Patch Tuesday, which is on the high side in terms of typical CVE counts. They’ve also republished details for 4 CVEs issued by other vendors that affect Microsoft products. Microsoft has evidence of in-the-wild exploitation for 2 of the...

9.9 CVSS, 9.3 AI score, 0.84345 EPSS
Exploits: 8

Rapid7 Blog
added 2024/07/09 8:3 p.m., 173 views

Patch Tuesday - July 2024

Microsoft is addressing 139 vulnerabilities this July 2024 Patch Tuesday, which is on the high side in terms of typical CVE counts. They’ve also republished details for 4 CVEs issued by other vendors that affect Microsoft products. Microsoft has evidence of in-the-wild exploitation for 2 of the...

9.9 CVSS, 9.2 AI score, 0.84345 EPSS
Exploits: 8

Rapid7 Blog
added 2024/07/09 1:0 p.m., 11 views

Boston Business Journal Names Rapid7 as a Best Place to Work in Boston

On June 13th, 2024, Rapid7 was recognized by The Boston Business Journal as a Best Place to Work in Boston. This marks the 13th consecutive year Rapid7 has made the list, this time coming in at 8 in the extra large company category. Best Places to Work rankings are based on anonymous employee...

7 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/08 8:0 p.m., 11 views

Rapid7 completes IRAP PROTECTED assessment for Insight Platform solutions

Exciting news from Australia! Rapid7 has successfully completed an Information Security Registered Assessors Program (IRAP) assessment to PROTECTED Level for several of our Insight Platform solutions. What is IRAP? An IRAP assessment is an independent assessment of the implementation,...

7 AI score
Exploits: 0

Rapid7 Blog
added 2024/07/05 4:50 p.m., 27 views

Metasploit Weekly Wrap-Up 07/05/2024

I still like to MOVEit MOVEit. This week, our very own sfewer-r7 added a new exploit module that leverages an authentication bypass vulnerability in the MOVEit Transfer SFTP service (CVE-2024-5806). It is possible to authenticate to the SFTP service as any user as long as a valid username is known a...

9.1 CVSS, 9.5 AI score, 0.75812 EPSS
Exploits: 5

Rapid7 Blog
added 2024/07/02 1:0 p.m., 14 views

Takeaways From The Take Command Summit: Navigating Modern SOC Challenges

At our recent Take Command summit, experts delved into the pressing challenges faced by SOC teams. With 2,365 more data breaches in 2023 than in 2022 (74% of which were a direct result of cyber attacks), the need for robust security operations has never been greater. Key takeaways from the 25 minut...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/28 8:36 p.m., 25 views

Metasploit Weekly Wrap-Up 06/28/2024

Unauthenticated Command Injection in Netis Router This week's Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password...

9.8 CVSS, 9 AI score, 0.70779 EPSS
Exploits: 4

Rapid7 Blog
added 2024/06/27 6:1 p.m., 45 views

Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler McGraw, Sarah Lee, and Thomas Elkins. Executive Summary On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Our investigation identified that the...

6.9 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/27 6:1 p.m., 5 views

Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler McGraw, Sarah Lee, and Thomas Elkins. Executive Summary On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Our investigation identified that the...

5.9 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/26 7:58 p.m., 16 views

Takeaways From The Take Command Summit: Unprecedented Threat Landscape

The Rapid7 Take Command summit unveiled crucial findings from the 2024 Attack Intelligence Report, offering invaluable insights for cybersecurity professionals navigating today's complex threat landscape. Key takeaways from the 30 minute panel: 1. Rise of Zero-Day Exploits: 53% of mass compromise...

7.6 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/25 6:16 p.m., 38 views

Authentication Bypasses in MOVEit Transfer and MOVEit Gateway

On June 25, 2024, Progress Software published information on two new vulnerabilities in MOVEit Transfer and MOVEit Gateway: CVE-2024-5806, a critical authentication bypass affecting the MOVEit Transfer SFTP service in a default configuration; and CVE-2024-5805, a critical SFTP-associated...

9.1 CVSS, 9.8 AI score, 0.75812 EPSS
Exploits: 3

Rapid7 Blog
added 2024/06/25 5:52 p.m., 13 views

Takeaways From The Take Command Summit: Understanding Modern Cyber Attacks

In today's cybersecurity landscape, staying ahead of evolving threats is crucial. The State of Security Panel from our Take Command summit held May 21st delved into how artificial intelligence (AI) is reshaping cyber attacks and defenses. The discussion highlighted the dual role of AI in...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/25 1:30 p.m., 16 views

From Top Dogs to Unified Pack

Embracing a consolidated security ecosystem Authored by Ralph Wascow Cybersecurity is as unpredictable as it is rewarding. Each day often presents a new set of challenges and responsibilities, particularly as organizations accelerate digital transformation efforts. This means you and your cyber...

7.2 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/21 6:53 p.m., 60 views

Metasploit Weekly Wrap-Up 06/21/2024

Argument Injection for PHP on Windows This week includes modules that target file traversal and arbitrary file read vulnerabilities for software such as Apache, SolarWinds and Check Point, with the highlight being a module for the recent PHP vulnerability submitted by sfewer-r7. This module...

9.8 CVSS, 8.9 AI score, 0.99987 EPSS
Exploits: 131

Rapid7 Blog
added 2024/06/21 12:50 p.m., 12 views

Takeaways From The Take Command Summit: Understanding Modern Cyber Attacks

In today's cybersecurity landscape, staying ahead of evolving threats is crucial. The State of Security Panel from our Take Command summit held May 21st delved into how artificial intelligence (AI) is reshaping cyber attacks and defenses. The discussion highlighted the dual role of AI in...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/18 1:0 p.m., 18 views

Helpful tools to get started in IoT Assessments

The Internet of Things (IoT) can be a daunting field to get into. With many different tools and products available on the market it can be confusing to even know where to start. Having performed dozens of IoT assessments, I felt it would be beneficial to compile a basic list of items that are...

6.9 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/17 8:28 p.m., 23 views

Malvertising Campaign Leads to Execution of Oyster Backdoor

The following analysts contributed to this blog: Thomas Elkins, Daniel Thiede, Josh Lockwood, Tyler McGraw, and Sasha Kovalev. Executive Summary Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and...

7.3 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/17 8:28 p.m., 9 views

Malvertising Campaign Leads to Execution of Oyster Backdoor

The following analysts contributed to this blog: Thomas Elkins, Daniel Thiede, Josh Lockwood, Tyler McGraw, and Sasha Kovalev. Executive Summary Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and...

6.3 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/14 7:9 p.m., 50 views

Metasploit Weekly Wrap-Up 06/14/2024

New module content 5 Telerik Report Server Auth Bypass Authors: SinSinology and Spencer McIntyre Type: Auxiliary Pull request: 19242 contributed by zeroSteiner Path: scanner/http/telerikreportserverauthbypass AttackerKB reference: CVE-2024-4358 Description: This adds an exploit for CVE-2024-4358...

9.9 CVSS, 8.2 AI score, 0.99485 EPSS
Exploits: 54

Rapid7 Blog
added 2024/06/13 1:0 p.m., 10 views

Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps and Augment MDR Services

In the ever-evolving landscape of cybersecurity, staying ahead of threats is not just a goal—it's a necessity. At Rapid7, we are pioneering the infusion of artificial intelligence (AI) into our platform and service offerings, transforming the way security operations centers (SOCs) around the globe...

7.1 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/11 7:43 p.m., 6 views

Patch Tuesday - June 2024

It’s June 2024 Patch Tuesday. Microsoft is addressing 51 vulnerabilities today, and has evidence of public disclosure for just a single one of those. At time of writing, none of the vulnerabilities published today are listed on CISA KEV, although this is always subject to change. Microsoft is...

9.8 CVSS, 9.6 AI score, 0.99995 EPSS
Exploits: 28

Rapid7 Blog
added 2024/06/11 7:43 p.m., 211 views

Patch Tuesday - June 2024

It’s June 2024 Patch Tuesday. Microsoft is addressing 51 vulnerabilities today, and has evidence of public disclosure for just a single one of those. At time of writing, none of the vulnerabilities published today are listed on CISA KEV, although this is always subject to change. Microsoft is...

9.8 CVSS, 9.7 AI score, 0.99995 EPSS
Exploits: 28

Rapid7 Blog
added 2024/06/11 4:38 p.m., 7 views

Enhancing Velociraptor with the Cado Security Platform

By: Nicholas Handy, Director of Technical Alliances & Partnerships at Cado Security Velociraptor is a robust open-source tool designed for collecting and querying forensic and incident response artifacts across various endpoints. This powerful tool allows incident responders to effortlessly gathe...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/11 2:25 p.m., 48 views

CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U

On June 5, 2024, SolarWinds disclosed CVE-2024-28995, a high-severity directory traversal vulnerability affecting their Serv-U file transfer server, which comes in two editions (Serv-U FTP and Serv-U MFT). Successful exploitation of the vulnerability allows unauthenticated attackers to read sensiti...

8.6 CVSS, 7.8 AI score, 0.99614 EPSS
Exploits: 8

Rapid7 Blog
added 2024/06/07 5:23 p.m., 35 views

Metasploit Weekly Wrap-Up 06/07/2024

New OSX payloads: ARMed and Dangerous. In addition to an RCE leveraging CVE-2024-5084 to gain RCE through a WordPress Hash form, this release features the addition of several new binary OSX stageless payloads with aarch64 support: Execute Command, Shell Bind TCP, and Shell Reverse TCP. The new...

9.8 CVSS, 10 AI score, 0.50934 EPSS
Exploits: 8

Rapid7 Blog
added 2024/06/05 1:0 p.m., 23 views

Securing AI Development in the Cloud: Navigating the Risks and Opportunities

AI-TRiSM - Trust, Risk and Security Management in the Age of AI. Co-authored by Lara Sunday and Pojan Shahrivar. As artificial intelligence (AI) and machine learning (ML) technologies continue to advance and proliferate, organizations across industries are investing heavily in these transformative...

7.4 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/05 1:0 p.m., 4 views

Securing AI Development in the Cloud: Navigating the Risks and Opportunities

AI-TRiSM - Trust, Risk and Security Management in the Age of AI. Co-authored by Lara Sunday and Pojan Shahrivar. As artificial intelligence (AI) and machine learning (ML) technologies continue to advance and proliferate, organizations across industries are investing heavily in these transformative...

5.8 AI score
Exploits: 0

Rapid7 Blog
added 2024/06/04 1:0 p.m., 23 views

The Dreaded Network Pivot: An Attack Intelligence Story

Rapid7 recently released our 2024 Attack Intelligence Report, a 14-month deep dive into the vulnerability and attacker landscape. The spiritual successor to our annual Vulnerability Intelligence Report, the AIR includes data from the Rapid7 research team combined with our detection and response a...

7.2 AI score
Exploits: 0

Rapid7 Blog
added 2024/05/31 6:34 p.m., 19 views

New! Insight Agent Support for ARM-based Windows in InsightVM

We are pleased to introduce Insight Agent support of ARM-based Windows 11 devices for both vulnerability and policy assessment within InsightVM. Customers with Windows 11 devices powered by ARM processors can now take advantage of the great performance and lower power requirements of these chips...

7.1 AI score
Exploits: 0

Total number of security vulnerabilities: 1723