1723 matches found

Rapid7 Blog
added 2025/02/24 7:6 p.m., 8 views

Under The Hoodie: The Pen Test Diaries

Breaking In So You Don’t Have To Each year, Rapid7 penetration testers conduct over 1,000 security assessments, pushing boundaries to expose vulnerabilities before the bad guys do. The mission? Get in, escalate privileges, and own the environment—physically, digitally, or sometimes just by...

AI score: 8.6
Exploits: 0

Rapid7 Blog
added 2025/02/21 9:27 p.m., 14 views

Metasploit Weekly Wrap-Up 02/21/2025

BeyondTrust exploit + fetch payload updates This Metasploit release includes an exploit module that chains two vulnerabilities, one exploited in the wild by APT groups and another one, a 0-day discovered by Rapid7 during the vulnerability analysis. This week's release also includes a significant...

CVSS: 9.8, AI score: 9, EPSS: 0.89472
Exploits: 19

Rapid7 Blog
added 2025/02/19 6:0 p.m., 4 views

Take Command | Rapid7’s 2025 Cybersecurity Summit: First Look at Our Speaker Lineup

Take Command Summit 2025 is shaping up to be one of the most impactful cybersecurity events of the year, bringing together Rapid7’s own security experts alongside leading industry voices for a full day of insights into today’s evolving attack landscape. This virtual summit will offer actionable...

AI score: 7.4
Exploits: 0

Rapid7 Blog
added 2025/02/19 2:0 p.m., 26 views

Rapid7 Fills Gaps in the CVE Assessment Process with AI-Generated Vulnerability Scoring in Exposure Command

NIST released an update highlighting that there would be delays in adding information on newly published CVEs (this is also discussed in detail in our blog post from March of 2024). Due to resource constraints and an inability to keep up with the volume of newly-disclosed vulnerabilities, NVD shift...

AI score: 7.1
Exploits: 0

Rapid7 Blog
added 2025/02/14 8:20 p.m., 15 views

Metasploit Weekly Wrap-Up 02/14/2025

New module content 2 Unauthenticated RCE in NetAlertX Authors: Chebuya Rhino Security Labs and Takahiro Yokoyama Type: Exploit Pull request: 19868 contributed by Takahiro-Yoko Path: linux/http/netalertxrcecve202446506 AttackerKB reference: CVE-2024-46506 Description: A new module for an...

CVSS: 10, AI score: 10, EPSS: 0.64414
Exploits: 9

Rapid7 Blog
added 2025/02/14 2:0 p.m., 27 views

Xerox Versalink C7025 Multifunction Printer: Pass-Back Attack Vulnerabilities (FIXED)

During security testing, Rapid7 discovered that Xerox Versalink C7025 Multifunction printers (MFPs) were vulnerable to pass-back attacks. The affected products identified were: Xerox Versalink MFPs Firmware Version: 57.69.91 and earlier This issue has been assigned the following CVEs: CVE-2024-1251...

CVSS: 7.6, AI score: 8.2, EPSS: 0.00918
Exploits: 0

Rapid7 Blog
added 2025/02/14 2:0 p.m., 3 views

Xerox Versalink C7025 Multifunction Printer: Pass-Back Attack Vulnerabilities (FIXED)

During security testing, Rapid7 discovered that Xerox Versalink C7025 Multifunction printers (MFPs) were vulnerable to pass-back attacks. The affected products identified were: Xerox Versalink MFPs Firmware Version: 57.69.91 and earlier This issue has been assigned the following CVEs: CVE-2024-1251...

CVSS: 7.6, AI score: 7.4, EPSS: 0.00918
Exploits: 0

Rapid7 Blog
added 2025/02/13 3:7 p.m., 5 views

CVE-2025-1094: PostgreSQL psql SQL injection (FIXED)

Rapid7 discovered a high-severity SQL injection vulnerability, CVE-2025-1094, affecting the PostgreSQL interactive tool psql. This discovery was made while Rapid7 was performing research into the recent exploitation of CVE-2024-12356 — an unauthenticated remote code execution (RCE) vulnerability th...

CVSS: 9.8, AI score: 9.8, EPSS: 0.89472
Exploits: 14

Rapid7 Blog
added 2025/02/13 3:7 p.m., 90 views

CVE-2025-1094: PostgreSQL psql SQL injection (FIXED)

Rapid7 discovered a high-severity SQL injection vulnerability, CVE-2025-1094, affecting the PostgreSQL interactive tool psql. This discovery was made while Rapid7 was performing research into the recent exploitation of CVE-2024-12356 — an unauthenticated remote code execution (RCE) vulnerability th...

CVSS: 9.8, AI score: 9.2, EPSS: 0.89472
Exploits: 14

Rapid7 Blog
added 2025/02/11 9:30 p.m., 7 views

Patch Tuesday - February 2025

Microsoft is addressing 56 vulnerabilities this February 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation for two of the vulnerabilities published today, which is reflected in CISA KEV. Microsoft is aware of public disclosure for two other vulnerabilities. This is now the...

CVSS: 8.8, AI score: 8.5, EPSS: 0.01459
Exploits: 0

Rapid7 Blog
added 2025/02/11 9:30 p.m., 75 views

Patch Tuesday - February 2025

Microsoft is addressing 56 vulnerabilities this February 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation for two of the vulnerabilities published today, which is reflected in CISA KEV. Microsoft is aware of public disclosure for two other vulnerabilities. This is now the...

CVSS: 9.8, AI score: 9.6, EPSS: 0.29778
Exploits: 6

Rapid7 Blog
added 2025/02/11 2:0 p.m., 8 views

How To Protect Your Organization's Bluesky Account From Security Threats

When a new platform suddenly becomes popular, it’s not uncommon to see it stress tested by malware authors and fraudsters. Many organizations are making the leap to Bluesky without necessarily understanding the potential threats to an account and the business should a compromise take place. This...

AI score: 7.1
Exploits: 0

Rapid7 Blog
added 2025/02/10 2:53 p.m., 6 views

Interning at Rapid7 Prague: Meet Mko

Mkrtich Hovsepyan – most people call him Mko – is an intern at Rapid7’s fast-growing office in Prague. He graduated from the luminous Charles University in Prague, and is currently a first-year master’s student in Artificial Intelligence there. He was in our first impressive crop of interns, and ...

AI score: 7.8
Exploits: 0

Rapid7 Blog
added 2025/02/07 7:33 p.m., 11 views

Vector Command Opportunistic Phishing Blog

Gone Phishing with Vector Command During one of our customer engagements, our red team will continuously attack your network to see if we can exploit a vulnerability. One of the tactics, techniques and procedures (TTPs) we use is “Opportunistic Phishing”. First, let’s share a quick reminder about...

AI score: 7.2
Exploits: 0

Rapid7 Blog
added 2025/02/07 4:59 p.m., 16 views

Metasploit Weekly Wrap-Up 02/07/2025

Gathering data and improving workflows This week's release includes 2 new auxiliary modules targeting Argus Surveillance DVR and Ivanti Connect Secure. The former, contributed by Maxwell Francis, and based on the work of John Page, can be used to retrieve arbitrary files on the target's filesyste...

CVSS: 7.5, AI score: 7, EPSS: 0.97709
Exploits: 4

Rapid7 Blog
added 2025/02/06 2:0 p.m., 5 views

4 Reasons Why MSPs & MSSPs Need to Enhance Attack Surface Management

In today’s rapidly evolving digital landscape, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) face increasing challenges. As businesses expand their digital footprints, MSPs and MSSPs are under pressure to deliver comprehensive security services while managing costs,...

AI score: 7.4
Exploits: 0

Rapid7 Blog
added 2025/02/05 5:38 p.m., 11 views

Take Command | Rapid7’s 2025 Cybersecurity Summit: Own Your Attack Surface on April 9

Save the date: April 9, 2025 Take Command is back. After a hugely successful event last year, Rapid7’s cybersecurity summit returns with another stellar lineup to equip security teams with the latest threat intelligence, expert insights, and real-world strategies to take control of an evolving...

AI score: 7.7
Exploits: 0

Rapid7 Blog
added 2025/02/04 2:0 p.m., 3 views

Introducing the Exposure Management Webinar Series: Commanding Your Attack Surface

The digital landscape is expanding rapidly, and with it, the complexity of managing an organization's attack surface. To help cybersecurity professionals navigate this challenge, Rapid7 presents a three-part webinar series, "Commanding Your Attack Surface." This series dives deep into the evolvin...

AI score: 7.6
Exploits: 0

Rapid7 Blog
added 2025/02/03 3:0 p.m., 4 views

Excellence in Leadership: CRN Recognizes Alex Page Among Its 2025 Channel Chiefs

For the third consecutive year, Rapid7’s Alex Page has been honored as a CRN Channel Chief, a testament to his unwavering commitment to driving growth, fostering innovation, and strengthening our global channel partnerships. CRN’s annual Channel Chiefs list showcases the top leaders throughout th...

AI score: 7.2
Exploits: 0

Rapid7 Blog
added 2025/01/31 9:34 p.m., 25 views

Metasploit Weekly Wrap-Up 01/31/25

ESC4 Detection This week, Metasploit’s jheysel-r7 updated the existing ldapescvulnerablecertfinder module to include detecting template objects that can be written to by the authenticated user. This means the module can now identify instances of ESC4 from the perspective of the account that the...

CVSS: 9.3, AI score: 7.7, EPSS: 0.97446
Exploits: 9

Rapid7 Blog
added 2025/01/30 2:0 p.m., 4 views

Paying It Forward: Giving and Receiving Mentorship in Tech

I’ve never actually seen the 2000 romantic drama Pay It Forward , but the movie’s core idea has stayed with me since I first heard of it: The best way to repay a favor or good deed is to do one for someone else. You ‘pay it forward,’ and ask that person to do likewise, creating an expanding web o...

AI score: 7.2
Exploits: 0

Rapid7 Blog
added 2025/01/27 2:0 p.m., 7 views

The 2024 Ransomware Landscape: Looking back on another painful year

The ransomware landscape in 2024 continued to evolve at a rapid pace, outgrowing many of the trends we saw in 2023. Threat actors remained relentless and innovative, targeting organizations of all sizes and sectors. In this post, we’ll examine the latest data points, discuss notable groups, and...

AI score: 7.1
Exploits: 0

Rapid7 Blog
added 2025/01/27 2:0 p.m., 17 views

The 2024 Ransomware Landscape: Looking back on another painful year

The ransomware landscape in 2024 continued to evolve at a rapid pace, outgrowing many of the trends we saw in 2023. Threat actors remained relentless and innovative, targeting organizations of all sizes and sectors. In this post, we’ll examine the latest data points, discuss notable groups, and...

AI score: 7.3
Exploits: 0

Rapid7 Blog
added 2025/01/24 9:58 p.m., 34 views

Metasploit Weekly Wrap-Up 01/24/2025

LibreNMS Authenticated RCE module and ESC15 improvements This week the Metasploit Framework was blessed with an authenticated RCE module in LibreNMS, an autodiscovering PHP/MySQL-based network monitoring system. An authenticated attacker can create dangerous directory names on the system and alte...

CVSS: 7.8, AI score: 8.6, EPSS: 0.06933
Exploits: 5

Rapid7 Blog
added 2025/01/24 2:0 p.m., 6 views

The Vulnerability Vortex: Escaping the Whirlpool of Ineffective Security

Drowning in data: The modern security dilemma In today's interconnected digital landscape, organizations find themselves caught in a relentless torrent of security alerts and vulnerability notifications. As cyber threats evolve at breakneck speed, security teams struggle to keep their heads above...

AI score: 7.8
Exploits: 0

Rapid7 Blog
added 2025/01/23 2:1 p.m., 7 views

Key Takeaways: Mastering Risk Prioritization with Rapid7 Surface Command

Managing risk in today’s sprawling IT environments demands precision and adaptability. Security teams face a constant influx of data from various tools, each offering fragmented insights. Rapid7’s Surface Command takes control of this chaos, consolidating data and delivering actionable insights...

AI score: 7.5
Exploits: 0

Rapid7 Blog
added 2025/01/17 7:22 p.m., 50 views

Metasploit Wrap-Up 01/17/2025

Clarity in Cleo Exploitation Last Month, Huntress reported that several Cleo products were being attacked in the wild, including Harmony, VLTrader, and LexiCom. Cleo announced CVE-2024-50623 and that these issues were patched in 5.8.0.21, but Huntress reported the vulnerability was still in those...

CVSS: 6.9, AI score: 10, EPSS: 0.98529
Exploits: 25

Rapid7 Blog
added 2025/01/16 4:0 p.m., 13 views

Perfect Fit or Business Threat? How to Mitigate the Risk of Rogue Employees

Rogue employees present significant financial and cybersecurity risks to organizations. Rapid7 threat researchers and penetration testers are actively observing how malicious actors exploit hiring pipelines to infiltrate businesses. This blog highlights real-world tactics, including: Insider...

AI score: 7.3
Exploits: 0

Rapid7 Blog
added 2025/01/16 3:57 p.m., 45 views

Fortinet Firewalls Hit with New Zero-Day Attack, Older Data Leak

Executive summary Rapid7 is investigating two separate events affecting Fortinet firewall customers: Zero-day exploitation of CVE-2024-55591, an authentication bypass vulnerability in FortiOS and FortiProxy disclosed earlier this week. Successful exploitation could allow remote attackers to gain...

CVSS: 9.8, AI score: 10, EPSS: 0.99999
Exploits: 81

Rapid7 Blog
added 2025/01/16 3:57 p.m., 9 views

Fortinet Firewalls Hit with New Zero-Day Attack, Older Data Leak

Executive summary Rapid7 is investigating two separate events affecting Fortinet firewall customers: Zero-day exploitation of CVE-2024-55591, an authentication bypass vulnerability in FortiOS and FortiProxy disclosed earlier this week. Successful exploitation could allow remote attackers to gain...

CVSS: 9.8, AI score: 10, EPSS: 0.99984
Exploits: 33

Rapid7 Blog
added 2025/01/14 10:12 p.m., 5 views

Patch Tuesday - January 2025

Microsoft is addressing 161 vulnerabilities this January 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for eight of the vulnerabilities published today, with three listed on CISA KEV. This is now the fourth consecutive month where Microsoft has...

CVSS: 9.8, AI score: 9.1, EPSS: 0.09798
Exploits: 5

Rapid7 Blog
added 2025/01/14 10:12 p.m., 59 views

Patch Tuesday - January 2025

Microsoft is addressing 161 vulnerabilities this January 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for eight of the vulnerabilities published today, with three listed on CISA KEV. This is now the fourth consecutive month where Microsoft has...

CVSS: 9.8, AI score: 9.2, EPSS: 0.80912
Exploits: 15

Rapid7 Blog
added 2025/01/10 7:46 p.m., 19 views

Metasploit Wrap-Up 01/10/2025

New module content 5 OneDev Unauthenticated Arbitrary File Read Authors: Siebene and vultza Type: Auxiliary Pull request: 19614 contributed by vultza Path: gather/onedevarbitraryfileread AttackerKB reference: CVE-2024-45309 Description: This adds an exploit module for an unauthenticated arbitrary...

CVSS: 8.7, AI score: 9.7, EPSS: 0.24822
Exploits: 8

Rapid7 Blog
added 2025/01/10 5:0 p.m., 9 views

Securing Success: Stories from the SOC Webinar Series

In today’s fast-paced threat landscape, SOC (Security Operations Center) teams are under relentless pressure. Cyberattacks are evolving, threat volumes are skyrocketing, and attackers are exploiting vulnerabilities faster than ever. To navigate these challenges, Rapid7 has launched the "Securing...

AI score: 7.5
Exploits: 0

Rapid7 Blog
added 2025/01/10 2:0 p.m., 4 views

Unlocking the Power of AI in Cybersecurity: Key Takeaways from Our Latest Webinar

Today's SOC teams have to face dramatic challenges that include overwhelming volumes of alerts, blurred perimeter protections, and resource constraints; meanwhile, AI is bursting into SOC workflows as one of the most important elements in addressing these issues more productively and letting team...

AI score: 7.3
Exploits: 0

Rapid7 Blog
added 2025/01/09 5:55 p.m., 5 views

Built In Honors Rapid7 with “2025 Best Places To Work” Award

3 Rapid7 Offices Included in Built In’s “Best Places to Work” Lists Built In has announced that Rapid7 is being honored in the 2025 Best Places To Work Awards. Specifically, Rapid7 earned recognition for three office locations: Austin, Boston, and Arlington Washington DC. The annual awards progra...

AI score: 7.3
Exploits: 0

Rapid7 Blog
added 2025/01/08 7:43 p.m., 8 views

New Research: Enhancing Botnet Detection with AI using LLMs and Similarity Search

As botnets continue to evolve, so do the techniques required to detect them. While Transport Layer Security (TLS) encryption is widely adopted for secure communications, botnets leverage TLS to obscure command-and-control (C2) traffic. These malicious actors often have identifiable characteristics...

AI score: 7.2
Exploits: 0

Rapid7 Blog
added 2025/01/08 6:13 p.m., 34 views

CVE-2025-0282: Ivanti Connect Secure Zero-Day Exploited in the Wild

On Wednesday, January 8, 2025, Ivanti disclosed two CVEs affecting Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. CVE-2025-0282 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the target device. CVE-2025-0283 is ...

CVSS: 9, AI score: 8.6, EPSS: 0.99971
Exploits: 13

Rapid7 Blog
added 2025/01/07 2:0 p.m., 5 views

Rapid7 Recognized with Top Score of 100 in 2025 Corporate Equality Index

On January 7, the Human Rights Campaign Foundation released their 2025 Corporate Equality Index (CEI), where Rapid7 earned a top score of 100. The CEI is the nation’s leading benchmark for LGBTQ+ workforce equality, evaluating policies and practices in areas such as non-discrimination, equitable...

AI score: 7.1
Exploits: 0

Rapid7 Blog
added 2025/01/06 2:0 p.m., 14 views

Out With the Old, In With the New: Securely Disposing of Smart Devices

So, what did you get for Christmas this year? Hopefully you received some cool smart technology, or maybe you just upgraded your smart camera or voice assistant to a newer model or version. If you upgraded to a new model or version, what is your plan for the old device? Is it still working or is ...

AI score: 7.1
Exploits: 0

Rapid7 Blog
added 2025/01/03 4:52 p.m., 53 views

Metasploit 2024 Annual Wrap-Up

Another year has come and gone, and the Metasploit team has taken some time to review the year’s notable additions. This year saw some great new features added, Metasploit 6.4 released and a slew of new modules. We’re grateful to the community members new and old that have submitted modules and...

CVSS: 10, AI score: 9.8, EPSS: 0.99999
Exploits: 144

Rapid7 Blog
added 2024/12/20 7:19 p.m., 39 views

Metasploit Weekly Wrap-Up 12/20/2024

New module content 4 GameOverlay Privilege Escalation and Container Escape Authors: bwatters-r7, g1vi, gardnerapp, and h00die Type: Exploit Pull request: 19460 contributed by gardnerapp Path: linux/local/gameoverlayprivesc AttackerKB reference: CVE-2023-2640 Description: Adds a module for...

CVSS: 9.8, AI score: 9.5, EPSS: 0.93709
Exploits: 35

Rapid7 Blog
added 2024/12/18 2:0 p.m., 35 views

What’s New in Rapid7 Products & Services: Q4 2024 in Review

This quarter at Rapid7 we continued to make investments across our Command Platform to provide security professionals with a holistic, actionable view of their entire attack surface - from Exposure Management to Detection and Response. Below, we’ve highlighted key releases and updates from the...

CVSS: 9.8, AI score: 7.6, EPSS: 0.98529
Exploits: 13

Rapid7 Blog
added 2024/12/17 2:0 p.m., 5 views

Take Command of Your Career: Practicing Self-Advocacy as a Woman in Tech

As the year draws to a close, it’s essential—and often expected—to reflect on our achievements and lessons learned in preparation for annual performance reviews and setting future goals. For women in tech, this reflection period can be an especially powerful tool. The industry often demands that...

AI score: 7.4
Exploits: 0

Rapid7 Blog
added 2024/12/16 2:9 p.m., 7 views

2024 Threat Landscape Statistics: Ransomware Activity, Vulnerability Exploits, and Attack Trends

Now that we’ve reached the end of another year, you may be looking around the cybersecurity infosphere and seeing a glut of posts offering “hot takes” on the 2024 threat landscape and predictions about what’s coming next. At Rapid7, we don’t truck in hot takes, but rather, cold hard facts. Stayin...

CVSS: 10, AI score: 9.7, EPSS: 0.99999
Exploits: 185

Rapid7 Blog
added 2024/12/16 2:9 p.m., 22 views

2024 Threat Landscape Statistics: Ransomware Activity, Vulnerability Exploits, and Attack Trends

Now that we’ve reached the end of another year, you may be looking around the cybersecurity infosphere and seeing a glut of posts offering “hot takes” on the 2024 threat landscape and predictions about what’s coming next. At Rapid7, we don’t truck in hot takes, but rather, cold hard facts. Stayin...

CVSS: 5.9, AI score: 7.2, EPSS: 0.99999
Exploits: 185

Rapid7 Blog
added 2024/12/13 7:36 p.m., 62 views

Metasploit Weekly Wrap-Up 12/13/2024

It’s raining RCEs! It's the second week of December and the weather forecast announced another storm of RCEs in Metasploit-Framework land. This weekly release includes RCEs for Moodle e-Learning platform, Primefaces, WordPress Really Simple SSL and CyberPanel along with two modules to change...

CVSS: 10, AI score: 9.8, EPSS: 0.94878
Exploits: 60

Rapid7 Blog
added 2024/12/12 2:0 p.m., 8 views

Navigating Choppy Waters: Top Security Predictions from Rapid7's 2025 Webinar

It's that time of year again — one year is ending and another is set to begin. And what a year it's been for the security community! The sheer scale of incidents has left SecOps teams breathless, so thinking about what could be in store next year can be overwhelming. But there's no need to panic...

AI score: 7.3
Exploits: 0

Rapid7 Blog
added 2024/12/11 6:44 p.m., 40 views

Modular Java Backdoor Dropped in Cleo Exploitation Campaign

Many thanks to Rapid7 MDR and incident response teams for their contributions to this analysis. While investigating incidents related to Cleo software exploitation, Rapid7 Labs and MDR observed a novel, multi-stage attack that deploys an encoded Java Archive (JAR) payload. Our investigation reveale...

CVSS: 9.8, AI score: 7.5, EPSS: 0.98529
Exploits: 6

Rapid7 Blog
added 2024/12/11 6:44 p.m., 6 views

Modular Java Backdoor Dropped in Cleo Exploitation Campaign

Many thanks to Rapid7 MDR and incident response teams for their contributions to this analysis. While investigating incidents related to Cleo software exploitation, Rapid7 Labs and MDR observed a novel, multi-stage attack that deploys an encoded Java Archive (JAR) payload. Our investigation reveale...

CVSS: 9.8, AI score: 9.4, EPSS: 0.98529
Exploits: 6

Total number of security vulnerabilities: 1723