2 min
Metasploit
Metasploit Weekly Wrap-Up 07/12/2024
The Usual Suspects
This release features two new exploits targeting old friends: Confluence and
Ivanti. CVE-2024-21683
is a very easy
vulnerability to exploit, but as pointed out in the AttackerKB Review
, it requires authentication as a ‘Confluence Administrator.’ On the other hand,
CVE-2024-29824 is an unauthenticated SQL Injection in Ivanti End
4 min
InsightCloudSec
What’s New in Rapid7 Products & Services: Q2 2024 in Review
In Q2, we focused on enhancing visualization, prioritization, and integration capabilities across our key products and services.
1 min
Events
Takeaways From The Take Command Summit: Unlocking ROI in Security
Rapid7 CMO Cindy Stanton hosted a discussions with Cindy Stanton, Byron Anderson and Gaël Frouin to talk strategies for measuring team performance at Rapid7’s recent Take Command summit.
11 min
Vulnerability Management
Patch Tuesday - July 2024
Microsoft has published 139 vulnerabilities this July 2024 Patch Tuesday, two of which had already been seen exploited in the wild.
1 min
Rapid7 Culture
Boston Business Journal Names Rapid7 as a Best Place to Work in Boston
On June 13th, 2024, Rapid7 was recognized by The Boston Business Journal as a Best Place to Work in Boston. This marks the 13th consecutive year Rapid7 has made the list, this time coming in at #8 in the extra large company category.
2 min
Government
Rapid7 completes IRAP PROTECTED assessment for Insight Platform solutions
Rapid7 has successfully completed an Information Security Registered Assessors Program (IRAP) assessment to PROTECTED Level for several of our Insight Platform solutions.
2 min
Metasploit
Metasploit Weekly Wrap-Up 07/05/2024
3 new modules - MOVEit Transfer authentication bypass CVE-2024-5806, Zyxel command injection, and Azure CLI credentials gatherer
1 min
Events
Takeaways From The Take Command Summit: Navigating Modern SOC Challenges
At our recent Take Command summit, experts delved into the pressing challenges faced by SOC teams.
2 min
Metasploit
Metasploit Weekly Wrap-Up 06/28/2024
Unauthenticated Command Injection in Netis Router
This week's Metasploit release includes an exploit module for an unauthenticated
command injection vulnerability in the Netis MW5360 router which is being
tracked as CVE-2024-22729. The vulnerability stems from improper handling of the
password parameter within the router's web interface which allows for command
injection. Fortunately for attackers, the router's login page authorization can
be bypassed by simply deleting the authorization header,
10 min
Managed Detection and Response (MDR)
Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz
The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler
McGraw, Sarah Lee, and Thomas Elkins.
Executive Summary
On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious
activity in a customer environment. Our investigation identified that the
suspicious behavior was emanating from the installation of Notezilla, a program
that allows for the creation of sticky notes on a Windows desktop. Installers
for Notezilla, along with tools called RecentX and
1 min
Events
Takeaways From The Take Command Summit: Unprecedented Threat Landscape
The Rapid7 Take Command summit unveiled crucial findings from the 2024 Attack Intelligence Report, offering invaluable insights for cybersecurity professionals navigating today's complex threat landscape.
4 min
Emergent Threat Response
Authentication Bypasses in MOVEit Transfer and MOVEit Gateway
On June 25, 2024, Progress Software published information on two new vulnerabilities in MOVEit Transfer and MOVEit Gateway: CVE-2024-5806 and CVE-2024-5805.
1 min
Events
Takeaways From The Take Command Summit: Understanding Modern Cyber Attacks
In today's cybersecurity landscape, staying ahead of evolving threats is crucial. The State of Security Panel from our Take Command summit held May 21st delved into how artificial intelligence (AI) is reshaping cyber attacks and defenses.
4 min
Managed Threat Complete
From Top Dogs to Unified Pack
Cybersecurity is as unpredictable as it is rewarding. This means you and your cyber team may find yourselves navigating a complex landscape of multi-cloud environments and evolving compliance requirements.
3 min
Metasploit
Metasploit Weekly Wrap-Up 06/21/2024
Argument Injection for PHP on Windows
This week includes modules that target file traversal and arbitrary file read
vulnerabilities for software such as Apache, SolarWinds and Check Point, with
the highlight being a module for the recent PHP vulnerability submitted by
sfewer-r7 . This module exploits an argument
injection vulnerability, resulting in remote code execution and a Meterpreter
shell running in the context of the Administrator user.
Note, that this attac