3 min
Metasploit
Metasploit Weekly Wrap-Up: 4/21/23
VMware Workspace ONE Access exploit chain
A new module contributed by jheysel-r7 exploits
two vulnerabilities in VMware Workspace ONE Access to attain Remote Code
Execution as the horizon user.
First being CVE-2022-22956 ,
which is an authentication bypass and the second being a JDBC injection in the
form of CVE-2022-22957
ultimately granting us RCE.
The module
3 min
Research
3 Key Challenges to Clarity in Threat Intelligence: 2023 Forrester Consulting Total Economic Impact™ Study
The 2023 Forrester Consulting Total Economic Impact™ Study of Threat Command looks at, among other things, the difficulties of obtaining clear threat intel.
6 min
Velociraptor
Automating Qakbot Detection at Scale With Velociraptor
This blog offers a practical methodology to extract configuration data from recent Qakbot samples.
4 min
Metasploit Weekly Wrapup
Metasploit Weekly Wrap-Up: 4/14/23
Rocket Software UniRPC Exploits
Ron Bowes submitted two exploit modules
for vulnerabilities
he discovered
in the UniRPC server for Rocket Software’s UniData product. The first exploit
module, exploit/linux/misc/unidata_udadmin_auth_bypass exploits an
authentication bypass to ultimately gain remot
2 min
Research
Anarchy in the UK? Not Quite: A look at the cyber health of the FTSE 350
In this report, Rapid7 looked first at the overall attack surface of the FTSE 350 companies, broken down by industry.
12 min
Vulnerability Management
Patch Tuesday - April 2023
114 vulnerabilities patched, including a zero-day driver-based LPE. Message Queueing Service RCE. End of support for 2013 products.
4 min
Rapid7 Culture
7 Rapid Questions: Lindsey Searle
Lindsey Searle, Senior Manager, Customer Advisors, discusses how her team helps solve customer challenges.
4 min
Vulnerability Disclosure
Raptor Technologies Volunteer Management Client-Side Security Controls (FIXED)
A vulnerability in Raptor Technology Volunteer Management for Schools is being disclosed in accordance with Rapid7’s vulnerability disclosure policy.
4 min
Rapid7 Culture
Rapid7 Podcast Explores Hybrid-First Workplace Learnings
Rapid7 takes a hybrid-first workplace approach that balances flexibility and productivity with collaboration and optimizing for customer success.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 4/7/23
The tide rolls in and out.
The flood of new modules last week crested leaving ample time for documentation
updates this week. The team and the community seem to have focused on getting
those sweet sprinkles of information that help everyone understand Metasploit
out to the world.
Enhancements and features (1)
* #17458 from
steve-embling - Updates the
exploit/multi/misc/weblogic_deserialize_ba
1 min
Managed Detection and Response (MDR)
[The Lost Bots] S03E02: Finding unknowns, even spy balloons
Rapid7 Detection and Response Practice Advisor Jeffery Gardner and co-host Stephen Davis, Lead Technical Customer Advisor for MDR, discuss spy balloons and cybersecurity.
8 min
Vulnerability Management
Using InsightVM Remediation Projects To Ensure Accountability
In this blog, we look at two types of console-driven reports and two types of cloud-driven reports (projects)—and how you might use them.
7 min
Metasploit
Metasploit Weekly Wrap-Up: Mar. 31, 2023
5 new modules including Windows 11 WinSock Priv Esc, SolarWinds Information Service (SWIS) RCE and AMQP Support
3 min
Vulnerability Management
What’s New in InsightVM and Nexpose: Q1 2023 in Review
In Q1, we focused driving better customer outcomes with InsightVM and Nexpose by further improving efficiency and performance.
5 min
Open Source
Velociraptor Version 0.6.8 Available Now
Velociraptor update delivers new client-server communication protocol, VFS GUI, and performance upgrades