All Posts

5 min Metasploit

Introducing Pingback Payloads

The Metasploit team added a new feature to Framework that improves safety and offers another avenue in MSF for novel evasion techniques: pingback payloads.

3 min Vulnerability Management

BlueKeep Exploits May Be Coming: Our Observations and Recommendations

Rapid7 Labs has observed a significant uptick in malicious RDP activity since the release of CVE-2019-0708 (aka “BlueKeep”).

4 min Research

New Research: Investigating and Reversing Avionics CAN Bus Systems

Rapid7's recently released research report examines the security (or lack thereof) of CAN bus networks in small aircraft.

3 min Automation and Orchestration

How to Automate Threat Hunting with SOAR for Faster Response Times

In this blog, we highlight four ways security orchestration and automation (SOAR) tools can streamline the threat hunting process.

1 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 7/26/19

First!! Congrats to Nick Tyrer for the first community-contributed evasion module to land in master. Nick's evasion/windows/applocker_evasion_install_util module leverages the trusted InstallUtil.exe binary to execute user-supplied code and evade application whitelisting. New modules (4) * WP Database Backup RCE by Mikey Veenstra / Wordf

3 min Cloud Infrastructure

Why the Modern SIEM Is in the Cloud

Let’s talk about why modern SIEM is in the cloud, what core benefits you can expect, and how it is predicted to evolve as we soar toward 2020.

2 min InsightVM

Ensuring Timely Remediation of Security Risks with Service-Level Agreements (SLAs) in InsightVM

Rapid7 makes it easy for you to set up and track service-level agreements (SLAs) in InsightVM.

4 min Application Security

Beyond Static Rules: WAF vs. RASP for Better Web Application Security

In this blog post, we’ll discuss the differences between traditional web application firewalls (WAFs) and runtime application self-protection (RASP).

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 7/19/19

RCE with a Key: An exploit module for Laravel Framework was submitted by community contributor aushack. The module targets an insecure unserialize call with the X-XSRF-TOKEN HTTP request header, which was discovered by Ståle Pettersen. Since the exploit requires the Laravel APP_KEY to reach the vulnerable unserialize call, aushack included information leak

3 min Podcast

Why Having the Right Team Is Vital to Advancing Security

On this week's episode of Security Nation, we caught up with David Rogers about his recent royal recognition and how he credits his team for his success.

1 min Metasploit

End of Sale Announced for Metasploit Community

Today we are announcing end of sale for Metasploit Community Edition, effective immediately.

4 min Cloud Infrastructure

Your Guide to Securing Multi-Cloud Environments in an IaaS World

In this post, we’ll cover the unique challenges with securing cloud environments, and some best practices specifically focused on securing multi-cloud infrastructure.

3 min Events

Metasploit Open Source Office Hours: Vegas 2019

The Metasploit crew at Rapid7 is headed out to Las Vegas for DEF CON 27, bringing a new incarnation of the Open Source Security Meetup (OSSM) with us! We will have a Metasploit Suite at Bally’s this year, where we’ll be hosting “Open Source Office Hours” (OSOH). If you’ll be out in Vegas for DEF CON 27, take a moment and ask yourself: * Are you currently working on a Metasploit module/payload and could use some guidance? * Are you modifying Framework and you’d like to discuss? * Are you w

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 7/12/19

We hope our American friends had a wonderful Fourth of July weekend! There are no new modules this week, so instead we're featuring two enhancements that fix some long outstanding Framework bugs. Check out last week’s holiday wrap-up for a list of the modules that landed while the U.S. was watching fireworks. GatherProof (or don't) Using ssh_login* on certain non-standard devices such as Brocade switches and Juniper firewalls

9 min Vulnerability Management

So, You Think You Can Query?

In this blog, we are going to explore the basics of how to make queries in our cloud-based vulnerability management solution, InsightVM.