2 min
Research
A Shifting Attack Landscape: Rapid7’s 2022 Vulnerability Intelligence Report
We’re excited to release Rapid7’s 2022 Vulnerability Intelligence Report—a deep dive into 50 of the most notable vulnerabilities our research team investigated throughout the year.
2 min
Metasploit
Metasploit Wrap-Up: 2/24/23
Basic discover script improvements
This week two improvements were made to the script/resource/basic_discovery.rc resource script. The first update from community member samsepi0x0 allowed commas in the RHOSTS value, making it easier to target multiple hosts. Additionally, adfoster-r7 improved the script by adding better handling for error output. This continues our trend of trying to provide more useful diagnostic information to
2 min
Managed Threat Complete
The Next Generation of Managed Detection and Response is Here
Managed Threat Complete: It’s always-on MDR plus unlimited vulnerability management with a single subscription.
2 min
Metasploit
Metasploit Wrap-Up: 2/17/23
Cisco RV Series Auth Bypass and Command Injection
Thanks to community contributor neterum, Metasploit framework just gained an awesome new module which targets Cisco Small Business RV Series Routers. The module actually exploits two vulnerabilities, an authentication bypass CVE-2022-20705 and a command injection vulnerability CVE-2022-20707
1 min
Rapid7 Culture
Rapid7 CEO Corey E. Thomas Appointed To National Security Telecommunications Advisory Committee
President Biden to appoint industry leaders, including Rapid7 chairman & CEO Corey E. Thomas, to the National Security Telecommunications Advisory Committee.
2 min
Cloud Security
CIEM is Required for Cloud Security and IAM Providers to Compete: Gartner® Report
Cloud Security and IAM providers should consider prioritizing specific CIEM capabilities according to a new Gartner report.
8 min
Vulnerability Management
Patch Tuesday - February 2023
Microsoft has patched 72 CVEs, including three actively-exploited zero-days affecting Windows and Microsoft 365 for Enterprise.
2 min
Research
A Deep Dive into Reversing CODESYS
This white paper offers a technical deep dive into PLC protocols and how to safely scan CODESYS-based ICS networking stacks.
2 min
Rapid7 Culture
Rapid7 and USF: Building a diverse cybersecurity workforce is not optional
Rapid7 and the University of South Florida (USF) have announced a joint research lab aimed at increasing diversity in the cybersecurity workforce.
4 min
Metasploit
Metasploit Weekly Wrap-Up: 2/10/23
Taking a stroll down memory lane (Tomcat Init Script Privilege Escalation)
Do you remember the issue with Tomcat init script that was originally discovered by Dawid Golunski back in 2016 that led to privilege escalation? This week's Metasploit release includes an exploit module for CVE-2016-1240 by h00die. This vulnerability allows any local users who already have tomcat accounts to perform privilege escalation and gain acc
2 min
Research
Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974
Rapid7 research has found that nearly 19,000 ESXi servers likely remain vulnerable to CVE-2021-21974, which is being exploited in the ESXiArgs campaign.
5 min
Research
Evasion Techniques Uncovered: An Analysis of APT Methods
DLL search order hijacking and DLL sideloading are commonly used by nation-state-sponsored attackers to evade detection.
4 min
InsightIDR
Year In Review: Rapid7 InsightIDR
In 2022, we worked with our most forward-deployed practitioners to address detection and response pain points and meet specific goals.
2 min
Rapid7 Culture
Rapid7 Recognized on Bloomberg Gender Equality Index, Continues Commitments to Support DEI
For the fifth year in a row, Rapid7 has been included in the Bloomberg Gender Equality Index.
2 min
Emergent Threat Response
CVE-2022-21587: Rapid7 Observed Exploitation of Oracle E-Business Suite Vulnerability
Emergent threats evolve quickly, and as we learn more about this vulnerability, this blog post will evolve, too.
Rapid7 is responding to various compromises arising from the exploitation of CVE-2022-21587, a critical arbitrary file upload vulnerability (rated 9.8 on the CVSS v3 risk metric) impacting Oracle E-Business Suite (EBS). Oracle published a Critical Patch Update Advisory in Octob