1723 matches found
Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities
Rapid7, Inc. Rapid7 discovered vulnerabilities in Aladdin Connect retrofit kit garage door opener and Android mobile application produced by Genie. The affected products are: Aladdin Garage door smart retrofit kit, Model ALDCM Android Mobile application ALADDIN Connect, Version 5.65 Build 2075...
Metasploit 2023 Annual Wrap-Up: Dec. 29, 2023
As 2023 winds down, we’re taking another look back at all the changes and improvements to the Metasploit Framework. This year marked the 20th anniversary since Metasploit version 1.0 was committed and the project is still actively maintained and improved thanks to a thriving community. Version 6....
Velociraptor 0.7.1 Release
Written by Dr. Michael Cohen Sigma Support, ETW Multiplexing, Local Encrypted Storage and New VQL Capabilities Highlight the Last Release of 2023 Rapid7 is excited to announce that version 0.7.1 of Velociraptor is live and available for download. There are several new features and capabilities th...
Velociraptor 0.7.1 Release
Written by Dr. Michael Cohen Sigma Support, ETW Multiplexing, Local Encrypted Storage and New VQL Capabilities Highlight the Last Release of 2023 Rapid7 is excited to announce that version 0.7.1 of Velociraptor is live and available for download. There are several new features and capabilities th...
Mastering Industrial Cybersecurity: The Significance of Combining Vulnerability Management with Detection and Response
Written by Elad Ben-Meir, CEO SCADAfence, a Honeywell company. In today's digital era, where industries are increasingly reliant on advanced technologies, safeguarding critical infrastructure against cyber threats has become paramount. The convergence of operational technology OT and information...
Mastering Industrial Cybersecurity: The Significance of Combining Vulnerability Management with Detection and Response
Written by Elad Ben-Meir, CEO SCADAfence, a Honeywell company. In today's digital era, where industries are increasingly reliant on advanced technologies, safeguarding critical infrastructure against cyber threats has become paramount. The convergence of operational technology OT and information...
There’s One Last Gift Under the Tree, It’s Hands-On IoT!
It’s the holiday season and since we’re in a giving mood we thought we’d surprise our loyal readers with a fun, hands-on hardware exercise to enjoy during some well-earned downtime. But first, a little background. Every year Rapid7 has a pretty solid presence at DefCon in Las Vegas. This year was...
Metasploit Weekly Wrap-Up
Getting Looney with Privilege Escalation As if Metasploit couldn’t get any loonier, this release adds a brand new exploit module for Glibc Tunables Privilege Escalation aka Looney Tunables. Now, using linux/local/glibctunablesprivesc, you can check your target’s glibc version to see if it’s...
Securely Build AI/ML Applications in the Cloud with Rapid7 InsightCloudSec
It’s been little over a year since ChatGPT was released, and oh how much has changed. Advancements in Artificial Intelligence and Machine Learning have marked a transformative era, influencing virtually every facet of our lives. These innovative technologies have reshaped the landscape of natural...
What’s New in Rapid7 Products & Services: 2023 Year in Review
Throughout 2023 Rapid7 has made investments across the Insight Platform to further our mission of providing security teams with the tools to proactively anticipate imminent risk, prevent breaches earlier, and respond faster to threats. In this blog you'll find a review of our top releases from th...
Expanded Coverage and AWS Compliance Pack Updates in InsightCloudSec Coming Out of AWS Re:Invent 2023
It seems like it was just yesterday that we were in Las Vegas for AWS Re:Invent, but it’s already been almost two weeks since the conference wrapped up. As is always the case, AWS unveiled a host of new services throughout the week, including advancements around serverless, artificial intelligenc...
Expanded Coverage and New Attack Path Visualizations Help Security Teams Prioritize Cloud Risk and Understand Blast Radius
Cloud environments differ in a number of ways from more traditional on-prem environments. From the immense scale and compounding complexity to the rate of change, the cloud creates a host of challenges for security teams to navigate and grapple with. By definition, anything running in the cloud h...
Expanded Coverage and New Attack Path Visualizations Help Security Teams Prioritize Cloud Risk and Understand Blast Radius
Cloud environments differ in a number of ways from more traditional on-prem environments. From the immense scale and compounding complexity to the rate of change, the cloud creates a host of challenges for security teams to navigate and grapple with. By definition, anything running in the cloud h...
We Asked ChatGPT for 2024 Cybersecurity Predictions but You Should Make These Resolutions Instead
By Caitlin Condon, Senior Manager, Vulnerability Research at Rapid7, and Christiaan Beek, Senior Director, Threat Analytics at Rapid7 It’s that time of year again — time for the annual tradition of cybersecurity predictions. Here at Rapid7 we’ve seen a whole lot of threats and exploited...
Metasploit Weekly Wrap-Up: Dec. 15, 2023
Continuing the 12th Labor of Metasploit Metasploit continues its Herculean task of increasing our toolset to tame Kerberos by adding support for ASREP Roasting, which allows retrieving the password hashes of users who have Do not require Kerberos preauthentication set on the domain controller. Th...
NIST SP 800-53 Rev. 5 Updates: What You Need to Know About The Most Recent Patch Release (5.1.1)
On November 7th, the National Institute of Standards and Technology NIST issued an update to SP 800-53, a NIST-curated catalog of controls that organizations can implement to effectively manage security and privacy risk. In this blog we’ll cover the new and updated controls within patch release...
NIST SP 800-53 Rev. 5 Updates: What You Need to Know About The Most Recent Patch Release (5.1.1)
On November 7th, the National Institute of Standards and Technology NIST issued an update to SP 800-53, a NIST-curated catalog of controls that organizations can implement to effectively manage security and privacy risk. In this blog we’ll cover the new and updated controls within patch release...
Patch Tuesday - December 2023
Microsoft is addressing 34 vulnerabilities this December Patch Tuesday, including a single zero-day vulnerability and three critical remote code execution RCE vulnerabilities. December Patch Tuesday has historically seen fewer patches than a typical month, and this trend continues in 2023. This...
Peeking into the crystal ball: What 2023 cyber threats told us about 2024
By Raj Samani, SVP Chief Scientist, and Sabeen Malik, Vice President, Global Government Affairs and Public Policy at Rapid7 Stepping into 2024 feels like opening the latest best-selling mystery novel – you know there's adventure ahead, but the plot is still up in the air. In the twist-riddled wor...
Peeking into the crystal ball: What 2023 cyber threats told us about 2024
By Raj Samani, SVP Chief Scientist, and Sabeen Malik, Vice President, Global Government Affairs and Public Policy at Rapid7 Stepping into 2024 feels like opening the latest best-selling mystery novel – you know there's adventure ahead, but the plot is still up in the air. In the twist-riddled wor...
Living our Values and Leveraging Diverse Skill Sets: How Jonathan Atwood Built a Successful Career as a Customer Advisor at Rapid7
At Rapid7, our Customer Advisors play a pivotal role at ensuring our customers understand their threat landscape – and feel confident in their security programs. By collaborating across various internal teams, strengthening customer relationships, and proactively seeking solutions and advocating...
Metasploit Wrap-Up 12/8/2023
Are You Looking for ACTION? Our very own adfoster-r7 has added a new feature that adds module actions, targets, and aliases to the search feature in Metasploit Framework. As we continue to add modules with diverse goals or targets, we’ve found ourselves leaning on these flags more and more...
A Trusted Voice in a Crowded Market: Meet Joanne Guariglia, Senior Channel Account Manager at Rapid7
When you’re a seller, it’s important to represent a reputable brand and products you can stand behind. For many companies, their partners act as an extension of the sales team to help identify and engage new customers. As a Senior Channel Account Manager, Joanne Guariglia shares what she loves mo...
Method to an Old Consultant's Madness with Site Design
If it's your first time purchasing and setting up InsightVM – or if you are a seasoned veteran – I highly recommend a ‘less is more’ strategy with site design. After many thousands of health checks performed by security consultants for InsightVM customers, the biggest challenge most consultants...
Metasploit Weekly Wrap-Up
Customizable DNS resolution Contributor smashery added a new dns command to Metasploit console, which allows the user to customize the behavior of DNS resolution. Similarly to the route command, it is now possible to specify where DNS requests should be sent to avoid any information leak. Before...
CVE-2023-49103 - Critical Information Disclosure in ownCloud Graph API
Rapid7 is responding to CVE-2023-49103, an unauthenticated information disclosure vulnerability impacting ownCloud. Background ownCloud is a file sharing platform designed for enterprise environments. On November 21, 2023, ownCloud disclosed CVE-2023-49103, an unauthenticated information disclosu...
Attackers are Working Around The Clock. Luckily, So Are We.
It takes an average of 204 days for organizations to discover a breach, and from there an average of 73 days to contain it. With the average cost of a breach at an all time high of $4.45 million IBM’s Cost of a Data Breach Report 2023, there’s an undeniable need for teams to enlist the right...
Rapid7 Takes Next Step in AI Innovation with New AI-Powered Threat Detections
Digital transformation has created immense opportunity to generate new revenue streams, better engage with customers and drive operational efficiency. A decades-long transition to cloud as the de-facto delivery model of choice has delivered undeniable value to the business landscape. But any chan...
Rapid7 Takes Next Step in AI Innovation with New AI-Powered Threat Detections
Digital transformation has created immense opportunity to generate new revenue streams, better engage with customers and drive operational efficiency. A decades-long transition to cloud as the de-facto delivery model of choice has delivered undeniable value to the business landscape. But any chan...
Updates to Layered Context Enable Teams to Quickly Understand Which Risk Signals Are Most Pressing
Layered Context introduced a consolidated view of all security risks insightCloudSec collects from the various layers of a cloud environment. This enabled our customers to go from visibility into individual security risks on a resource, to understanding all of the risks that impacted that resourc...
Updates to Layered Context Enable Teams to Quickly Understand Which Risk Signals Are Most Pressing
Layered Context introduced a consolidated view of all security risks insightCloudSec collects from the various layers of a cloud environment. This enabled our customers to go from visibility into individual security risks on a resource, to understanding all of the risks that impacted that resourc...
Building our Team in Prague: Meet Martin Votruba
From developing driver-assistance software for a luxury car brand to jumping on board an NFT startup, Martin Votruba, Lead Software Engineer, is not one to shy away from a challenge. In September of 2023, joined Rapid7 as the first hire in its new Prague office. Martin is leveraging Rapid7’s...
Metasploit Wrap-up
Enhancements and features 2 18548 from zeroSteiner - Updates the admin/http/tomcatghostcat module to follow newer library conventions. 18552 from adfoster-r7 - Adds support for Ruby 3.3.0-preview3. Bugs fixed 5 18448 from HynekPetrak - Fixes and updates the...
When Maximum Effort Doesn't Equate to Maximum Results
It’s no secret that security teams are feeling beleaguered as a result of the barrage of data, events, and alerts generated by their security tools, to say nothing of the increased budget scrutiny and constrained staff resources that continue to plague cybersecurity practitioners. The trick is...
Rapid7 Introduces AI-driven Cloud Anomaly Detection
It’s that time of year again! AWS Re:Invent, Amazon Web Services’ annual mega-conference will soon kick off in Las Vegas and there are sure to be a ton of new cloud security innovations unveiled throughout the week. From a Rapid7 perspective, we’re launching an exciting new capability - Cloud...
Rapid7 Introduces AI-driven Cloud Anomaly Detection
It’s that time of year again! AWS Re:Invent, Amazon Web Services’ annual mega-conference will soon kick off in Las Vegas and there are sure to be a ton of new cloud security innovations unveiled throughout the week. From a Rapid7 perspective, we’re launching an exciting new capability - Cloud...
Metasploit Weekly Wrap-Up
Possible Web Service Removal Metasploit has support for running with a local database, or from a remote web service which can be initialized with msfdb init --component webservice. Future versions of Metasploit Framework may remove the msfdb remote webservice. Users that leverage this functionali...
Manage Enterprise Risk at Scale with a Unified, Holistic Approach
The rapid pace of technological change and the attendant rise of cyber threats in both speed and number leave most organizations at a disadvantage. Historically, many firms faced this challenge simply by purchasing more technology in the hopes that the latest threat protection software would keep...
Manage Enterprise Risk at Scale with a Unified, Holistic Approach
The rapid pace of technological change and the attendant rise of cyber threats in both speed and number leave most organizations at a disadvantage. Historically, many firms faced this challenge simply by purchasing more technology in the hopes that the latest threat protection software would keep...
Patch Tuesday - November 2023
Microsoft is addressing 64 vulnerabilities this November Patch Tuesday, including five zero-day vulnerabilities as well as one critical remote code execution RCE vulnerability. Overall, this month sees significantly fewer vulnerabilities addressed across a smaller number of products than has been...
Metasploit Weekly Wrap-Up
Apache MQ and Three Cisco Modules in a Trenchcoat This week’s release has a lot of new content and features modules targeting two major recent vulnerabilities that got a great deal of attention: CVE-2023-46604 targeting Apache MQ resulting in ransomware deployment and CVE-2023-20198 targeting Cis...
CVE-2023-5950 Rapid7 Velociraptor Reflected XSS
This advisory covers a specific issue identified in Velociraptor and disclosed by a security code review. We want to thank Mathias Kujala for working with the Velociraptor team to identify and rectify this issue. It has been fixed as of Version 0.7.0-4, released November 6, 2023. CVSS · HIGH ·...
CVE-2023-5950 Rapid7 Velociraptor Reflected XSS
This advisory covers a specific issue identified in Velociraptor and disclosed by a security code review. We want to thank Mathias Kujala for working with the Velociraptor team to identify and rectify this issue. It has been fixed as of Version 0.7.0-4, released November 6, 2023. CVSS · HIGH ·...
Be Empathetic and Hug Your CISO More!
In the rapidly evolving landscape of cloud computing, the adoption of multi-cloud environments has become a prevailing trend. Organizations increasingly turn to multiple cloud providers to harness diverse features, prevent vendor lock-in, and optimize costs. The multi-cloud approach offers...
Be Empathetic and Hug Your CISO More!
In the rapidly evolving landscape of cloud computing, the adoption of multi-cloud environments has become a prevailing trend. Organizations increasingly turn to multiple cloud providers to harness diverse features, prevent vendor lock-in, and optimize costs. The multi-cloud approach offers...
NEW RESEARCH: Artificial intelligence and Machine Learning Can Be Used to Stop DAST Attacks Before they Start
Within cloud security, one of the most prevalent tools is dynamic application security testing, or DAST. DAST is a critical component of a robust application security framework, identifying vulnerabilities in your cloud applications either pre or post deployment that can be remediated for a...
CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest
On November 8, 2023, IT service management company SysAid disclosed CVE-2023-47426, a zero-day path traversal vulnerability affecting on-premise SysAid servers. According to Microsoft’s threat intelligence team, it has been exploited in the wild by DEV-0950 Lace Tempest in “limited attacks.” In a...
GhostLocker - A “Work In Progress” RaaS
This post was also authored by Anna Širokova Executive Summary In recent years, there has been a noticeable uptick in threat actors venturing into the realm of Ransom-as-a-Service RaaS. Some have emerged as significant threats, while others have faded into obscurity. What makes the current...
Setup of Discovery Connection Azure
By: fuzzy borders Are you having trouble trying to get your Azure assets into your InsightVM security console? In this blog post, we wanted to bring additional insight into leveraging the Azure Discovery Connection with InsightVM. This blog post is brought to you by the Fuzzy Borders project, who...
Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518
Daniel Lydon and Conor Quinn contributed attacker behavior insights to this blog. As of November 5, 2023, Rapid7 Managed Detection and Response MDR is observing exploitation of Atlassian Confluence in multiple customer environments, including for ransomware deployment. We have confirmed that at...