
1723 matches found

Rapid7 Blog
added 2020/10/02 7:46 p.m. | 221 views

Metasploit Wrap-Up

Windows secrets dump: The following provided by Christophe De La Fuente! A common pen testing pattern is to compromise a local administrative account on a host and use it to grab Windows password hashes, Kerberos tickets, and other secrets stored locally. The most common technique is to run tools...

7.2 CVSS | 7.4 AI score | 0.39967 EPSS
Exploits: 27
Rapid7 Blog
added 2020/10/02 5:6 p.m. | 129 views

HP Device Manager Cavalcade of Critical CVEs (CVE-2020-6925:6927): What You Need to Know

HP released a security bulletin on Sept. 25, 2020, disclosing a set of vulnerabilities in HP Device Manager that—when some are chained together—can result in a remote attacker gaining SYSTEM privileges on the target node. Note: A backdoor database user exists in the PostgreSQL database used by HP...

6.5 CVSS | 1.4 AI score | 0.01327 EPSS
Exploits: 0
Rapid7 Blog
added 2020/10/02 1:58 p.m. | 62 views

NICER Protocol Deep Dive: Internet Exposure of SMTP

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

7.5 CVSS | 9.6 AI score | 0.99961 EPSS
Exploits: 27
Rapid7 Blog
added 2020/10/02 1:57 p.m. | 20 views

This One Time on a Pen Test: I Know...Everything

Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2020 Under the Hoodie report. It...

7.2 AI score
Exploits: 0
Rapid7 Blog
added 2020/10/01 1:0 p.m. | 23 views

Rapid7 Introduces “Active Response” for End-to-End Detection and Response

We know your cybersecurity team is facing unprecedented challenges, including new and complex attacks that exploit your remote workforce and deliver malicious payloads which, despite your best defenses, can bypass proactive security controls. Managed Detection and Response (MDR) providers offer...

7.6 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/30 6:57 p.m. | 48 views

Exploitability Analysis: Smash the Ref Bug Class

In April 2020, security researcher Gil Dabah published a paper on a set of vulnerabilities he had discovered within the Win32k subsystem of the Windows operating system. These vulnerabilities demonstrated instances of a new class of bugs, dubbed “Smash the Ref.” Dabah’s research included 13 test...

1.2 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/29 4:5 p.m. | 744 views

Microsoft Exchange 2010 End of Support and Overall Patching Study

Today's topic is Exchange 2010, which reaches end of support (EoS) on Oct. 13, 2020, as well as a survey of other versions of Exchange and how well they are being kept up-to-date. During our work with Project Sonar, we consistently see the use of old and EoS software on the internet. This is...

9 CVSS | 8.9 AI score | 0.99965 EPSS
Exploits: 30
Rapid7 Blog
added 2020/09/29 1:55 p.m. | 38 views

2021 Detection and Response Planning, Part 1: Rapid7’s Jeffrey Gardner Breaks Down How CISOs Should Approach Security Planning for the New Year

In this four-part series, we’ll explore key considerations and strategies for 2021 detection and response planning, and ways InsightIDR, Managed Detection and Response Services (MDR), and InsightConnect can help drive increased efficiency and future-proof your SOC going into the new year. Despite a...

6.9 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/25 6:54 p.m. | 229 views

Metasploit Wrap-up

Nine! Nine new modules! Ah ha ha! With the coming of autumn here in the Northern hemisphere, the nights are getting longer, and the hacking is getting stronger. We’ve really got something for everybody in this release, from IoT to infrastructure, Windows, and Linux; everyone’s pretty...

9.3 CVSS | 0.3 AI score | 0.99686 EPSS
Exploits: 138
Rapid7 Blog
added 2020/09/25 1:58 p.m. | 13 views

NICER Protocol Deep Dive: Internet Exposure of rsync

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

7.6 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/25 1:50 p.m. | 9 views

[Podcast] How Entrepreneur Christian Wentz Takes On Identity Authentication and Data Integrity One Line of Code at a Time


7 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/23 12:59 p.m. | 15 views

This One Time on a Pen Test: Ain’t No Fence High Enough

Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2020 Under the Hoodie report. Read...

6.9 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/22 12:53 p.m. | 18 views

Rapid7 Releases Q2 2020 Quarterly Threat Report

It’s hard to believe it’s already the end of September, and with it comes Rapid7’s Q2 2020 Quarterly Threat Report. As in previous quarters, our Rapid7 research team produced this report by analyzing the data from our internet telemetry-gathering systems Project Sonar and Project Heisenberg, as...

7.2 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/21 2:30 p.m. | 145 views

Define What to Parse From Logs with the Custom Parsing Tool in InsightIDR

Data is essential to any SIEM. Generally, this data is collected from logs, endpoints, and networks. All of this data paints a holistic picture of your network so you have constant visibility into what’s going on, and where. When it comes to security data, log data is the primary driver. In...

7.2 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/18 6:28 p.m. | 173 views

Metasploit Wrap-Up

Refreshingly configurable: F5, on top of being a handy shortcut you can press over and over again until 3am just to watch the RTX 3080 preorders sell out instantly, is also a company that specializes in the delivery, security, performance, and availability of web applications, computing, storage,...

10 CVSS | 9.1 AI score | 0.99512 EPSS
Exploits: 87
Rapid7 Blog
added 2020/09/18 3:11 p.m. | 176 views

NICER Protocol Deep Dive: Internet Exposure of SMB

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

7.5 CVSS | 9.4 AI score | 0.9981 EPSS
Exploits: 125
Rapid7 Blog
added 2020/09/17 6:44 p.m. | 15 views

A step closer to stronger federal IoT security

On Tuesday, September 15th, the US House unanimously passed the IoT Cybersecurity Improvement Act (H.R. 1668). The bill, sponsored by Reps. Kelly and Hurd, would require federal procurement and use of IoT devices to conform to basic security requirements. The version passed by the House makes severa...

6.7 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/17 2:36 p.m. | 19 views

Decentralize Remediation Efforts to Gain More Efficiency with InsightVM

Let’s talk about the reality of the remediation process today. We know it is often a cumbersome and time-consuming process, and it can be challenging for a Security team to work with IT Operations and Development teams, servicing many assets and owners. There isn’t a vulnerability management team...

0.5 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/16 1:7 p.m. | 9 views

This One Time on a Pen Test: Outwitting the Vexing VPN

Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2020 Under the Hoodie report. Just...

7.8 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/15 7:17 p.m. | 9 views

Rapid7 and Snyk Are on the Run(time) with Expanded SCA Capabilities

Earlier this year, Rapid7 and Snyk partnered together with the goal of securing cloud-native apps across the software development lifecycle (SDLC). As modern development teams continue to adopt new technology that helps them accelerate their efforts, security teams are tasked with making sure they...

0.2 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/14 11:29 p.m. | 812 views

CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know

Updates, September 16, 2020: Samba domain controllers before 4.8 have been confirmed to be vulnerable to CVE-2020-1472. There are now multiple public PoC exploits available, most if not all of which are modifications to Secura’s original PoC built on Impacket. There are reports of the vulnerability...

9.3 CVSS | 0.3 AI score | 0.99512 EPSS
Exploits: 75
Rapid7 Blog
added 2020/09/14 1:25 p.m. | 31 views

Vulnerability Remediation vs. Mitigation: What’s the Difference?

Vulnerability management programs look different depending on the available resources and specific risks your organization faces. While both identifying and evaluating possible threats are important steps, the most time-consuming step is actually treating the vulnerability. Here’s where remediati...

0.2 AI score
Exploits: 0
Rapid7 Blog
added 2020/09/14 1:19 p.m. | 23 views

NICER Protocol Deep Dive: Internet Exposure of FTP/S (TCP/990)

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

7 AI score
Exploits: 0

Total number of security vulnerabilities: 1723