Lucene search
K
Rapid7blogRecent

1723 matches found

Rapid7 Blog
Rapid7 Blog
added 2024/01/03 6:58 p.m.43 views

Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities

Rapid7, Inc. Rapid7 discovered vulnerabilities in Aladdin Connect retrofit kit garage door opener and Android mobile application produced by Genie. The affected products are: Aladdin Garage door smart retrofit kit, Model ALDCM Android Mobile application ALADDIN Connect, Version 5.65 Build 2075...

6.8CVSS6.7AI score0.00605EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/29 7:38 p.m.124 views

Metasploit 2023 Annual Wrap-Up: Dec. 29, 2023

As 2023 winds down, we’re taking another look back at all the changes and improvements to the Metasploit Framework. This year marked the 20th anniversary since Metasploit version 1.0 was committed and the project is still actively maintained and improved thanks to a thriving community. Version 6....

7.5CVSS10AI score0.99999EPSS
Exploits91
Rapid7 Blog
Rapid7 Blog
added 2023/12/29 3:52 p.m.5 views

Velociraptor 0.7.1 Release

Written by Dr. Michael Cohen Sigma Support, ETW Multiplexing, Local Encrypted Storage and New VQL Capabilities Highlight the Last Release of 2023 Rapid7 is excited to announce that version 0.7.1 of Velociraptor is live and available for download. There are several new features and capabilities th...

6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/29 3:52 p.m.17 views

Velociraptor 0.7.1 Release

Written by Dr. Michael Cohen Sigma Support, ETW Multiplexing, Local Encrypted Storage and New VQL Capabilities Highlight the Last Release of 2023 Rapid7 is excited to announce that version 0.7.1 of Velociraptor is live and available for download. There are several new features and capabilities th...

6.5AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/28 4:0 p.m.28 views

Mastering Industrial Cybersecurity: The Significance of Combining Vulnerability Management with Detection and Response

Written by Elad Ben-Meir, CEO SCADAfence, a Honeywell company. In today's digital era, where industries are increasingly reliant on advanced technologies, safeguarding critical infrastructure against cyber threats has become paramount. The convergence of operational technology OT and information...

7.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/28 4:0 p.m.7 views

Mastering Industrial Cybersecurity: The Significance of Combining Vulnerability Management with Detection and Response

Written by Elad Ben-Meir, CEO SCADAfence, a Honeywell company. In today's digital era, where industries are increasingly reliant on advanced technologies, safeguarding critical infrastructure against cyber threats has become paramount. The convergence of operational technology OT and information...

6.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/27 4:0 p.m.16 views

There’s One Last Gift Under the Tree, It’s Hands-On IoT!

It’s the holiday season and since we’re in a giving mood we thought we’d surprise our loyal readers with a fun, hands-on hardware exercise to enjoy during some well-earned downtime. But first, a little background. Every year Rapid7 has a pretty solid presence at DefCon in Las Vegas. This year was...

7.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/22 4:32 p.m.112 views

Metasploit Weekly Wrap-Up

Getting Looney with Privilege Escalation As if Metasploit couldn’t get any loonier, this release adds a brand new exploit module for Glibc Tunables Privilege Escalation aka Looney Tunables. Now, using linux/local/glibctunablesprivesc, you can check your target’s glibc version to see if it’s...

7.5CVSS8.8AI score0.99999EPSS
Exploits44
Rapid7 Blog
Rapid7 Blog
added 2023/12/22 4:0 p.m.26 views

Securely Build AI/ML Applications in the Cloud with Rapid7 InsightCloudSec

It’s been little over a year since ChatGPT was released, and oh how much has changed. Advancements in Artificial Intelligence and Machine Learning have marked a transformative era, influencing virtually every facet of our lives. These innovative technologies have reshaped the landscape of natural...

6.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/21 6:47 p.m.21 views

What’s New in Rapid7 Products & Services: 2023 Year in Review

Throughout 2023 Rapid7 has made investments across the Insight Platform to further our mission of providing security teams with the tools to proactively anticipate imminent risk, prevent breaches earlier, and respond faster to threats. In this blog you'll find a review of our top releases from th...

7.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/20 4:0 p.m.22 views

Expanded Coverage and AWS Compliance Pack Updates in InsightCloudSec Coming Out of AWS Re:Invent 2023

It seems like it was just yesterday that we were in Las Vegas for AWS Re:Invent, but it’s already been almost two weeks since the conference wrapped up. As is always the case, AWS unveiled a host of new services throughout the week, including advancements around serverless, artificial intelligenc...

7.6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/19 4:0 p.m.18 views

Expanded Coverage and New Attack Path Visualizations Help Security Teams Prioritize Cloud Risk and Understand Blast Radius

Cloud environments differ in a number of ways from more traditional on-prem environments. From the immense scale and compounding complexity to the rate of change, the cloud creates a host of challenges for security teams to navigate and grapple with. By definition, anything running in the cloud h...

7.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/19 4:0 p.m.5 views

Expanded Coverage and New Attack Path Visualizations Help Security Teams Prioritize Cloud Risk and Understand Blast Radius

Cloud environments differ in a number of ways from more traditional on-prem environments. From the immense scale and compounding complexity to the rate of change, the cloud creates a host of challenges for security teams to navigate and grapple with. By definition, anything running in the cloud h...

6.6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/18 4:0 p.m.15 views

We Asked ChatGPT for 2024 Cybersecurity Predictions but You Should Make These Resolutions Instead

By Caitlin Condon, Senior Manager, Vulnerability Research at Rapid7, and Christiaan Beek, Senior Director, Threat Analytics at Rapid7 It’s that time of year again — time for the annual tradition of cybersecurity predictions. Here at Rapid7 we’ve seen a whole lot of threats and exploited...

7.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/15 9:4 p.m.35 views

Metasploit Weekly Wrap-Up: Dec. 15, 2023

Continuing the 12th Labor of Metasploit Metasploit continues its Herculean task of increasing our toolset to tame Kerberos by adding support for ASREP Roasting, which allows retrieving the password hashes of users who have Do not require Kerberos preauthentication set on the domain controller. Th...

6.8CVSS9.3AI score0.89066EPSS
Exploits4
Rapid7 Blog
Rapid7 Blog
added 2023/12/14 6:25 p.m.27 views

NIST SP 800-53 Rev. 5 Updates: What You Need to Know About The Most Recent Patch Release (5.1.1)

On November 7th, the National Institute of Standards and Technology NIST issued an update to SP 800-53, a NIST-curated catalog of controls that organizations can implement to effectively manage security and privacy risk. In this blog we’ll cover the new and updated controls within patch release...

7.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/14 6:25 p.m.4 views

NIST SP 800-53 Rev. 5 Updates: What You Need to Know About The Most Recent Patch Release (5.1.1)

On November 7th, the National Institute of Standards and Technology NIST issued an update to SP 800-53, a NIST-curated catalog of controls that organizations can implement to effectively manage security and privacy risk. In this blog we’ll cover the new and updated controls within patch release...

6.6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/12 9:6 p.m.80 views

Patch Tuesday - December 2023

Microsoft is addressing 34 vulnerabilities this December Patch Tuesday, including a single zero-day vulnerability and three critical remote code execution RCE vulnerabilities. December Patch Tuesday has historically seen fewer patches than a typical month, and this trend continues in 2023. This...

6.8CVSS8.7AI score0.92817EPSS
Exploits3
Rapid7 Blog
Rapid7 Blog
added 2023/12/12 4:0 p.m.32 views

Peeking into the crystal ball: What 2023 cyber threats told us about 2024

By Raj Samani, SVP Chief Scientist, and Sabeen Malik, Vice President, Global Government Affairs and Public Policy at Rapid7 Stepping into 2024 feels like opening the latest best-selling mystery novel – you know there's adventure ahead, but the plot is still up in the air. In the twist-riddled wor...

7.5CVSS6.7AI score0.98851EPSS
Exploits3
Rapid7 Blog
Rapid7 Blog
added 2023/12/12 4:0 p.m.4 views

Peeking into the crystal ball: What 2023 cyber threats told us about 2024

By Raj Samani, SVP Chief Scientist, and Sabeen Malik, Vice President, Global Government Affairs and Public Policy at Rapid7 Stepping into 2024 feels like opening the latest best-selling mystery novel – you know there's adventure ahead, but the plot is still up in the air. In the twist-riddled wor...

6.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/11 8:59 p.m.8 views

Living our Values and Leveraging Diverse Skill Sets: How Jonathan Atwood Built a Successful Career as a Customer Advisor at Rapid7

At Rapid7, our Customer Advisors play a pivotal role at ensuring our customers understand their threat landscape – and feel confident in their security programs. By collaborating across various internal teams, strengthening customer relationships, and proactively seeking solutions and advocating...

6.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/08 7:15 p.m.46 views

Metasploit Wrap-Up 12/8/2023

Are You Looking for ACTION? Our very own adfoster-r7 has added a new feature that adds module actions, targets, and aliases to the search feature in Metasploit Framework. As we continue to add modules with diverse goals or targets, we’ve found ourselves leaning on these flags more and more...

7.5CVSS7.4AI score0.78428EPSS
Exploits20
Rapid7 Blog
Rapid7 Blog
added 2023/12/05 4:0 p.m.11 views

A Trusted Voice in a Crowded Market: Meet Joanne Guariglia, Senior Channel Account Manager at Rapid7

When you’re a seller, it’s important to represent a reputable brand and products you can stand behind. For many companies, their partners act as an extension of the sales team to help identify and engage new customers. As a Senior Channel Account Manager, Joanne Guariglia shares what she loves mo...

7.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/04 6:19 p.m.9 views

Method to an Old Consultant's Madness with Site Design

If it's your first time purchasing and setting up InsightVM – or if you are a seasoned veteran – I highly recommend a ‘less is more’ strategy with site design. After many thousands of health checks performed by security consultants for InsightVM customers, the biggest challenge most consultants...

6.8AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/12/01 6:27 p.m.37 views

Metasploit Weekly Wrap-Up

Customizable DNS resolution Contributor smashery added a new dns command to Metasploit console, which allows the user to customize the behavior of DNS resolution. Similarly to the route command, it is now possible to specify where DNS requests should be sent to avoid any information leak. Before...

7.5CVSS6.6AI score0.81695EPSS
Exploits18
Rapid7 Blog
Rapid7 Blog
added 2023/12/01 5:19 p.m.75 views

CVE-2023-49103 - Critical Information Disclosure in ownCloud Graph API

Rapid7 is responding to CVE-2023-49103, an unauthenticated information disclosure vulnerability impacting ownCloud. Background ownCloud is a file sharing platform designed for enterprise environments. On November 21, 2023, ownCloud disclosed CVE-2023-49103, an unauthenticated information disclosu...

7.5CVSS8.4AI score0.78428EPSS
Exploits5
Rapid7 Blog
Rapid7 Blog
added 2023/11/30 4:0 p.m.14 views

Attackers are Working Around The Clock. Luckily, So Are We.

It takes an average of 204 days for organizations to discover a breach, and from there an average of 73 days to contain it. With the average cost of a breach at an all time high of $4.45 million IBM’s Cost of a Data Breach Report 2023, there’s an undeniable need for teams to enlist the right...

7.5AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/29 3:46 p.m.8 views

Rapid7 Takes Next Step in AI Innovation with New AI-Powered Threat Detections

Digital transformation has created immense opportunity to generate new revenue streams, better engage with customers and drive operational efficiency. A decades-long transition to cloud as the de-facto delivery model of choice has delivered undeniable value to the business landscape. But any chan...

7.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/29 3:46 p.m.5 views

Rapid7 Takes Next Step in AI Innovation with New AI-Powered Threat Detections

Digital transformation has created immense opportunity to generate new revenue streams, better engage with customers and drive operational efficiency. A decades-long transition to cloud as the de-facto delivery model of choice has delivered undeniable value to the business landscape. But any chan...

6.6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/28 4:55 p.m.14 views

Updates to Layered Context Enable Teams to Quickly Understand Which Risk Signals Are Most Pressing

Layered Context introduced a consolidated view of all security risks insightCloudSec collects from the various layers of a cloud environment. This enabled our customers to go from visibility into individual security risks on a resource, to understanding all of the risks that impacted that resourc...

6.6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/28 4:55 p.m.3 views

Updates to Layered Context Enable Teams to Quickly Understand Which Risk Signals Are Most Pressing

Layered Context introduced a consolidated view of all security risks insightCloudSec collects from the various layers of a cloud environment. This enabled our customers to go from visibility into individual security risks on a resource, to understanding all of the risks that impacted that resourc...

6.5AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/27 5:0 p.m.11 views

Building our Team in Prague: Meet Martin Votruba

From developing driver-assistance software for a luxury car brand to jumping on board an NFT startup, Martin Votruba, Lead Software Engineer, is not one to shy away from a challenge. In September of 2023, joined Rapid7 as the first hire in its new Prague office. Martin is leveraging Rapid7’s...

7.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/23 4:24 p.m.28 views

Metasploit Wrap-up

Enhancements and features 2 18548 from zeroSteiner - Updates the admin/http/tomcatghostcat module to follow newer library conventions. 18552 from adfoster-r7 - Adds support for Ruby 3.3.0-preview3. Bugs fixed 5 18448 from HynekPetrak - Fixes and updates the...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/21 3:30 p.m.19 views

When Maximum Effort Doesn't Equate to Maximum Results

It’s no secret that security teams are feeling beleaguered as a result of the barrage of data, events, and alerts generated by their security tools, to say nothing of the increased budget scrutiny and constrained staff resources that continue to plague cybersecurity practitioners. The trick is...

7.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/20 2:33 p.m.4 views

Rapid7 Introduces AI-driven Cloud Anomaly Detection

It’s that time of year again! AWS Re:Invent, Amazon Web Services’ annual mega-conference will soon kick off in Las Vegas and there are sure to be a ton of new cloud security innovations unveiled throughout the week. From a Rapid7 perspective, we’re launching an exciting new capability - Cloud...

6.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/20 2:33 p.m.7 views

Rapid7 Introduces AI-driven Cloud Anomaly Detection

It’s that time of year again! AWS Re:Invent, Amazon Web Services’ annual mega-conference will soon kick off in Las Vegas and there are sure to be a ton of new cloud security innovations unveiled throughout the week. From a Rapid7 perspective, we’re launching an exciting new capability - Cloud...

7.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/17 6:41 p.m.42 views

Metasploit Weekly Wrap-Up

Possible Web Service Removal Metasploit has support for running with a local database, or from a remote web service which can be initialized with msfdb init --component webservice. Future versions of Metasploit Framework may remove the msfdb remote webservice. Users that leverage this functionali...

7.5CVSS9.8AI score0.80462EPSS
Exploits11
Rapid7 Blog
Rapid7 Blog
added 2023/11/16 6:26 p.m.4 views

Manage Enterprise Risk at Scale with a Unified, Holistic Approach

The rapid pace of technological change and the attendant rise of cyber threats in both speed and number leave most organizations at a disadvantage. Historically, many firms faced this challenge simply by purchasing more technology in the hopes that the latest threat protection software would keep...

6.8AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/16 6:26 p.m.21 views

Manage Enterprise Risk at Scale with a Unified, Holistic Approach

The rapid pace of technological change and the attendant rise of cyber threats in both speed and number leave most organizations at a disadvantage. Historically, many firms faced this challenge simply by purchasing more technology in the hopes that the latest threat protection software would keep...

7.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/14 9:27 p.m.146 views

Patch Tuesday - November 2023

Microsoft is addressing 64 vulnerabilities this November Patch Tuesday, including five zero-day vulnerabilities as well as one critical remote code execution RCE vulnerability. Overall, this month sees significantly fewer vulnerabilities addressed across a smaller number of products than has been...

7.5CVSS10AI score0.99999EPSS
Exploits34
Rapid7 Blog
Rapid7 Blog
added 2023/11/10 6:59 p.m.90 views

Metasploit Weekly Wrap-Up

Apache MQ and Three Cisco Modules in a Trenchcoat This week’s release has a lot of new content and features modules targeting two major recent vulnerabilities that got a great deal of attention: CVE-2023-46604 targeting Apache MQ resulting in ransomware deployment and CVE-2023-20198 targeting Cis...

7.5CVSS9.3AI score0.99654EPSS
Exploits73
Rapid7 Blog
Rapid7 Blog
added 2023/11/10 6:56 p.m.36 views

CVE-2023-5950 Rapid7 Velociraptor Reflected XSS

This advisory covers a specific issue identified in Velociraptor and disclosed by a security code review. We want to thank Mathias Kujala for working with the Velociraptor team to identify and rectify this issue. It has been fixed as of Version 0.7.0-4, released November 6, 2023. CVSS · HIGH ·...

5.8CVSS6.8AI score0.00465EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/10 6:56 p.m.6 views

CVE-2023-5950 Rapid7 Velociraptor Reflected XSS

This advisory covers a specific issue identified in Velociraptor and disclosed by a security code review. We want to thank Mathias Kujala for working with the Velociraptor team to identify and rectify this issue. It has been fixed as of Version 0.7.0-4, released November 6, 2023. CVSS · HIGH ·...

8.6CVSS6.2AI score0.00465EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/10 3:30 p.m.5 views

Be Empathetic and Hug Your CISO More!

In the rapidly evolving landscape of cloud computing, the adoption of multi-cloud environments has become a prevailing trend. Organizations increasingly turn to multiple cloud providers to harness diverse features, prevent vendor lock-in, and optimize costs. The multi-cloud approach offers...

7.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/10 3:30 p.m.23 views

Be Empathetic and Hug Your CISO More!

In the rapidly evolving landscape of cloud computing, the adoption of multi-cloud environments has become a prevailing trend. Organizations increasingly turn to multiple cloud providers to harness diverse features, prevent vendor lock-in, and optimize costs. The multi-cloud approach offers...

7.5AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/09 2:48 p.m.20 views

NEW RESEARCH: Artificial intelligence and Machine Learning Can Be Used to Stop DAST Attacks Before they Start

Within cloud security, one of the most prevalent tools is dynamic application security testing, or DAST. DAST is a critical component of a robust application security framework, identifying vulnerabilities in your cloud applications either pre or post deployment that can be remediated for a...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/09 2:12 p.m.189 views

CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest

On November 8, 2023, IT service management company SysAid disclosed CVE-2023-47426, a zero-day path traversal vulnerability affecting on-premise SysAid servers. According to Microsoft’s threat intelligence team, it has been exploited in the wild by DEV-0950 Lace Tempest in “limited attacks.” In a...

7.5CVSS9.4AI score0.99934EPSS
Exploits18
Rapid7 Blog
Rapid7 Blog
added 2023/11/08 6:23 p.m.23 views

GhostLocker - A “Work In Progress” RaaS

This post was also authored by Anna Širokova Executive Summary In recent years, there has been a noticeable uptick in threat actors venturing into the realm of Ransom-as-a-Service RaaS. Some have emerged as significant threats, while others have faded into obscurity. What makes the current...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/08 2:0 p.m.20 views

Setup of Discovery Connection Azure

By: fuzzy borders Are you having trouble trying to get your Azure assets into your InsightVM security console? In this blog post, we wanted to bring additional insight into leveraging the Azure Discovery Connection with InsightVM. This blog post is brought to you by the Fuzzy Borders project, who...

6.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/11/06 3:31 p.m.177 views

Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518

Daniel Lydon and Conor Quinn contributed attacker behavior insights to this blog. As of November 5, 2023, Rapid7 Managed Detection and Response MDR is observing exploitation of Atlassian Confluence in multiple customer environments, including for ransomware deployment. We have confirmed that at...

7.5CVSS9.9AI score0.99999EPSS
Exploits48
Total number of security vulnerabilities1723