All Posts

2 min Metasploit

Metasploit周报2016/07/06

新的OSX有效载荷:武装和危险 In addition to an RCE leveraging CVE-2024-5084 to gain RCE through a WordPress Hash form, this release features the addition of several new binary OSX stageless payloads with aarch64 support: Execute Command, Shell Bind TCP, and 反向TCP. The new osx/aarch64/shell_bind_tcp payload opens a listening port on the target machine, which allows the attacker to connect to this open port to spawn a command shell using the user provided command using the exe

5 min 人工智能

Securing AI Development in the Cloud: Navigating the Risks and Opportunities

承诺提高效率, 个性化, 和创新, organizations are increasingly turning to cloud environments to develop and deploy these powerful AI and ML technologies.

2 min 脆弱性管理

The Dreaded Network Pivot: An Attack Intelligence Story

The spiritual successor to our annual 脆弱性 Intelligence Report, the AIR includes data from the Rapid7 research team combined with our detection and response and threat intelligence teams.

1 min 了解代理

New! 了解代理 Support for ARM-based Windows in InsightVM

We are pleased to introduce 了解代理 support of ARM-based Windows 11 devices for both vulnerability and policy assessment within InsightVM.

2 min Metasploit

Metasploit周报05/31/2024

Quis dmd rumpet ipsos dīrumpēs In this release, we feature a double-double: two exploits each targeting two 软件. 第一对来自h00die [http://github].com/h00die] 目标是茉莉花勒索软件网络服务器. 第一个使用CVE-2024-30851来 retrieve the login for the ransomware server, and the second is a directory traversal vulnerability allowing arbitrary file read. 戴夫送的第二副 Yesland of Rhino Security targets Progress Flowmon with CVE-2024-2389 and it pai

4 min 紧急威胁响应

CVE-2024-24919: Check Point Security Gateway Information Disclosure

On May 28, 2024, Check Point published an advisory for CVE-2024-24919, a high-severity information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade.

2 min 职业发展

Celebrating Excellence: Joanne Guariglia and Kelly Hiscoe Recognized as CRN's 2024 Women of the Channel

We are thrilled to announce that two of our exceptional team members, 乔安妮·瓜格利亚和凯利·希斯科, have been recognized as CRN's 2024 Women of the Channel.

3 min Metasploit

Metasploit每周总结2024年5月23日

渗透广播! 一个来自Chocapikk的新模块[http://github].com/Chocapikk]允许用户 perform remote code execution on vulnerable versions of streaming platform AVideo (12.4 - 14.2). multi/http/avideo_wwbnindex_unauth_rce模块 利用cve - 2024 - 31819 [http://attackerkb.com/topics/y127ezofMQ/cve-2024-31819], a vulnerability to PHP Filter Chaining, to gain unauthenticated and unprivileged access, earning it “AttackerKB”中攻击者的值为高 [http://attackerkb.com/t

2 min Events

The Take Command Summit: A Day of Resilience and Preparation

The Take Command Summit is officially in the books. 这是一个为期一天的虚拟游戏 powerhouse of major voices and ultra-relevant topics from across the entire 网络安全领域. We are super proud of the event and grateful for all who 参加了这些重要的讨论. At Rapid7 we are eager to have the critical conversations at the critical moments and right now, the industry faces a great many challenges. From ransomware to cloud security to building the best 24/7/365 security operat

10 min 管理检测和响应(MDR)

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

Justice AV Solutions (JAVS)是一家美国公司.S.-based company specializing in digital audio-visual recording solutions for courtroom environments. Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk and should take immediate action.

2 min Research

Rapid7 Releases the 2024 Attack Intelligence Report

Today, during our Take Command Summit, we released our 2024 Attack Intelligence Report, which pulls in expertise from our researchers, our detection and 反应小组和威胁情报小组. 结果是最清楚的 picture yet of the expanding attack surface and the threats security 专业人士每天都要面对. Since the end of 2020, we’ve seen a significant increase in zero-day exploitation, ransomware attacks, and mass compromise incidents impacting many 组织全球.

3 min Metasploit

Metasploit总结2024年5月17日

LDAP认证改进 本周,在Metasploit v6中.4.9、团队增加了多个改进 LDAP相关攻击. Two improvements relating to authentication is the new 支持签名[http://github.com/rapid7/metasploit-framework/pull/19127] 和通道绑定[http://github].com/rapid7/metasploit-framework/pull/19132]. 微软一直在做出改变 [http://support.microsoft.com/en-gb/topic/2020-2023-and-2024-ldap-channel-binding-and-ldap-signing-requirements-for

3 min Events

See a Sneak Peek of Tuesday’s Take Command Summit

In just a few short days, some of the best minds in cybersecurity will come 一起指挥 [http://rapid7.brighttalk.com/?utm_source =博客&utm_medium =网站&utm_content = blog-4&utm_campaign=global-mdr-take-command-summmit-prospect-eng-cyas] to discuss the most pressing challenges and opportunities we face as an industry. The sessions include in-depth discussions on attacker trends and behaviors, a look into the Rapid7 SOC, top guest speakers with unique insights 进入网络安全

4 min 人工智能

AI Trust Risk and Security Management: Why Tackle Them Now?

In the evolving world of artificial intelligence (AI), keeping our customers secure and maintaining their trust is our top priority.

8 min 星期二补丁

补丁星期二- 2024年5月

在DWM、MSHTML和Visual Studio中的零日. SharePoint关键的认证后RCE. 远程接入修复. 移动宽带USB总线.