2023-02-10 00:00   Metasploit Weekly Wrap-Up    #rapid7 #安全文章 Taking a stroll down memory lane (Tomcat Init Script Privilege Escalation)Do you remember the issue with Tomcat init script that was originally discoveredby Dawid Golunski [https://twitter.com/dawid_golunski?lang=en] back in 2016 thatled to privilege escalation? This week's Metasploit release includ

2023-02-09 00:00   Evasion Techniques Uncovered: An Analysis of APT Methods    #rapid7 #安全文章 DLL search order hijacking and DLL sideloading are commonly used by nation state sponsored attackers to evade detection.

2023-02-09 00:00   Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974    #rapid7 #安全文章 Rapid7 research has found that nearly 19,000 ESXi servers likely remain vulnerable to CVE-2021-21974, which is being exploited in the ESXiArgs campaign.

2023-02-07 22:09   Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)    #rapid7 #安全文章 Rapid7 has discovered, and is now disclosing, eight XSS issues affecting four on-premises document management systems. As of this disclosure, none have patches available.

2023-02-07 00:00   CVE-2022-21587: Rapid7 Observed Exploitation of Oracle E-Business Suite Vulnerability    #rapid7 #安全文章 Emergent threats evolve quickly, and as we learn more about this vulnerability,this blog post will evolve, too.Rapid7 is responding to various compromises arising from the exploitation of CVE-2022-21587 [https://nvd.nist.gov/vuln/detail/CVE-2022-21587], a criticalarbitrary file upload vulnerability

2023-02-07 00:00   Year In Review: Rapid7 InsightIDR    #rapid7 #安全文章 In 2022, We worked with our most forward-deployed practitioners to develop address detection and response pain points and meet specific goals.

2023-02-07 00:00   Rapid7 Recognized on Bloomberg Gender Equality Index, Continues Commitments to Support DEI    #rapid7 #安全文章 For the fifth year in a row, Rapid7 has been included in the Bloomberg Gender Equality Index.

2023-02-06 23:08   Ransomware Campaign Compromising VMware ESXi Servers    #rapid7 #安全文章 Hosting provider OVH and French CERT has issued a warning about a ransomware campaign that appears to be using CVE-2021-21974 to target VMware ESXi servers.

2023-02-06 00:00   CVE-2023-22501: Critical Broken Authentication Flaw in Jira Service Management Products    #rapid7 #安全文章 Atlassian has published an advisory for CVE-2023-22501, a critical broken authentication vulnerability affecting Jira service management products.

2023-02-03 00:00   Metasploit Weekly Wrap-Up    #rapid7 #安全文章 Metasploit 6.3 is out!Earlier this week we announced the release of Metasploit 6.3 which came with atonne of new modules and improvements.The whole team worked super hard on this and we're very excited that everyonecan now get their hands on it and all of the new features it has to offer!I won't go

2023-02-03 00:00   Exploitation of GoAnywhere MFT zero-day vulnerability    #rapid7 #安全文章 A warning has been issued about an actively exploited zero-day vulnerability affecting on-premise instances of Fortra’s GoAnywhere MFT.

2023-02-02 00:00   Troubleshooting InsightAppSec Authentication Issues    #rapid7 #安全文章 This article details common issues with macro, traffic, and selenium authentication and details how to troubleshoot them.

2023-02-01 00:00   CVE-2023-22374: F5 BIG-IP Format String Vulnerability    #rapid7 #安全文章 Rapid7 found an additional vulnerability in the appliance-mode REST interface. We reported it to F5 and are now disclosing it in accordance with our vulnerability disclosure policy.

2023-02-01 00:00   XDR, the Beatles, and Blunt Instruments    #rapid7 #安全文章 The average security team is now managing 76 tools. If you are in that boat and looking to consolidate, our new XDR Buyers Guide can help.

2023-01-31 00:00   A Customer Success Manager’s Journey to Cybersecurity    #rapid7 #安全文章 Blake Walters joined Rapid7 ready to roll up his sleeves and learn about an entirely new field—cybersecurity.