4 min
Partners
Rapid7 Announces Partner of the Year Awards 2023 Winners
Rapid7 is proud to announce our Partner of the Year Award winners for 2023!
3 min
Emergent Threat Response
Backdoored 3CXDesktopApp Installer Used in Active Threat Campaign
Emergent threats evolve quickly. We will update this blog with new information
as it comes to light and we are able to verify it. Erick Galinkin, Ted Samuels,
Zach Dayton, Eoin Miller, Caitlin Condon, Stephen Fewer, Spencer McIntyre, and
Christiaan Beek all contributed to this blog.
On Wednesday, March 29, 2023, multiple security firms issued warnings
2 min
Cybersecurity
Executive Webinar: Confronting Security Fears to Control Cyber Risk, Part Three
Get practical and actionable advice on how to implement a cyber target operating model that aligns with your business and reduces risk.
33 min
Vulnerability Disclosure
Multiple Vulnerabilities in Rocket Software UniRPC server (Fixed)
In early 2023, Rapid7 discovered several vulnerabilities in Rocket Software UniData UniRPC. We worked with the company to fix issues and coordinate this disclosure.
2 min
InsightIDR
What’s New in InsightIDR: Q1 2023 in Review
InsightIDR received a number of exciting updates in Q1 2023, including faster search, a redesigned UI, updated investigations, and more.
1 min
Emergent Threat Response
Active Exploitation of IBM Aspera Faspex CVE-2022-47986
Rapid7 is aware of at least one incident where a customer was compromised via CVE-2022-47986. We strongly recommend patching on an emergency basis.
3 min
Metasploit
Metasploit Weekly Wrap-Up: 3/24/23
Zyxel Routers Beware
This week we've released a module written by first-time community contributor
shr70 that can exploit roughly 45 different Zyxel
router and VPN models. The module exploits a buffer overflow vulnerability that
results in unauthenticated remote code execution on affected devices. It's rare
we see a module affect this many devices at once, and we are excited to see this
ship in the framework. We hope pentesters and red-teamers alike can make good use of
this
5 min
Cloud Security
Center for Internet Security (CIS) unveils Azure Foundations Benchmark v2.0.0
CIS recently unveiled the latest version of their Azure Foundations Benchmark. This is the first major release since its launch more than 4 years ago.
2 min
Cloud Security
Reduce Risk and Regain Control with Cloud Risk Complete
Detect and manage risk across cloud environments, endpoints, on-premises infrastructure, and web applications, with Rapid7's Cloud Risk Complete.
5 min
Rapid7 Culture
Celebrating Women’s History Month at Rapid7
On March 8th, Rapid7 hosted an International Women's Day panel, which focused on equity, inclusion, and advocacy in the workplace.
7 min
Vulnerability Disclosure
CVE-2023-0391: MGT-COMMERCE CloudPanel Shared Certificate Vulnerability and Weak Installation Procedures
Rapid7 has discovered three security concerns in CloudPanel from MGT-COMMERCE, a self-hosted web administration solution.
3 min
Emergent Threat Response
Rapid7-Observed Exploitation of Adobe ColdFusion
Rapid7’s Threat Intelligence and Detection Engineering team has identified active exploitation of Adobe ColdFusion in multiple customer environments.
5 min
Rapid7 Culture
Practice Operations Manager Looks Back On First Five Months With Rapid7
Elianna Sfez is a Threat Intelligence Practice Operations Manager at Rapid7. We sat down to chat about her new hire journey, company culture, and more.
3 min
Metasploit
Metasploit Weekly Wrap-Up: 3/17/23
FortiNAC EITW Content Added
Whilst we did have a few cool new modules added this week, one particularly
interesting one was a Fortinet FortiNAC vulnerability, CVE-2022-39952, that
was added in by team member Jack Heysel. This module exploits an unauthenticated
RCE in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through
9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0
through 8.5.4,
4 min
MITRE ATT&CK
MITRE ATT&CK® Mitigations
It's essential to implement robust security measures to protect your organization. One way to do this is to utilize the MITRE ATT&CK framework.