13 min
Vulnerability Disclosure
Multiple DMS XSS (CVE-2022-47412 through CVE-2022-47419)
Rapid7 has discovered, and is now disclosing, eight XSS issues affecting four on-premises document management systems. As of this disclosure, none have patches available.
2 min
Emergent Threat Response
CVE-2023-22501: Critical Broken Authentication Flaw in Jira Service Management Products
Atlassian has published an advisory for CVE-2023-22501, a critical broken authentication vulnerability affecting Jira service management products.
2 min
Emergent Threat Response
Ransomware Campaign Compromising VMware ESXi Servers
Hosting provider OVH and the French CERT have issued a warning about a ransomware campaign that appears to be using CVE-2021-21974 to target VMware ESXi servers.
4 min
Metasploit
Metasploit Weekly Wrap-Up: 2/2/23
Metasploit 6.3 is out!
Earlier this week we announced the release of Metasploit 6.3, which came with a tonne of new modules and improvements. The whole team worked super hard on this and we're very excited that everyone can now get their hands on it and all of the new features it has to offer! I won't go over everything we did here because we have a whole separate blog post dedicated to the 6.3 release that you shou
3 min
Emergent Threat Response
Exploitation of GoAnywhere MFT zero-day vulnerability
A warning has been issued about an actively exploited zero-day vulnerability affecting on-premises instances of Fortra’s GoAnywhere MFT.
9 min
Application Security
Troubleshooting InsightAppSec Authentication Issues
This article covers common issues with macro, traffic, and Selenium authentication and explains how to troubleshoot them.
2 min
Detection and Response
XDR, the Beatles, and Blunt Instruments
The average security team is now managing 76 tools. If you are in that boat and looking to consolidate, our new XDR Buyers Guide can help.
5 min
Vulnerability Disclosure
CVE-2023-22374: F5 BIG-IP Format String Vulnerability
Rapid7 found an additional vulnerability in the appliance-mode REST interface. We reported it to F5 and are now disclosing it in accordance with our vulnerability disclosure policy.
3 min
Rapid7 Culture
A Customer Success Manager’s Journey to Cybersecurity
Blake Walters joined Rapid7 ready to roll up his sleeves and learn about an entirely new field—cybersecurity.
10 min
Research
Rapid7 Observes Use of Microsoft OneNote to Spread Redline Infostealer and Qakbot Malware
Recently, Rapid7 observed malicious actors using OneNote files to deliver malicious code. This post details our findings.
3 min
Threat Intel
Threat Intelligence: 2022 Year in Review
As we forge into 2023, Rapid7 Threat Intelligence remains laser-focused and committed to addressing the critical needs of security teams.
13 min
Metasploit
Metasploit Framework 6.3 Released
Metasploit Framework 6.3 is now available. New features include native Kerberos authentication support, streamlined Active Directory attack workflows (AD CS, AD DS), and new modules that request, forge, and convert tickets between formats.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 1/27/23
Cacti Unauthenticated Command Injection
Thanks to community contributor Erik Wynter, Metasploit Framework now has an exploit module for an unauthenticated command injection vulnerability in the Cacti network-monitoring software. The vulnerability is due to a proc_open() call that accepts unsanitized user input in remote_agent.php. Provided that the target server has data that's tied to the POLLER_ACTION_S
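The bug class named above, a PHP proc_open() call fed unsanitized input, is easy to reproduce and to fix, so here is an added illustration. It is constructed for this page and is not Cacti's code or the Metasploit module: the "echo" command, the sample payload and every function name below are assumptions chosen so the script runs harmlessly on any Unix-like host with PHP 7.4 or later.

```php
<?php
// Added illustration of the proc_open() command-injection pattern and two fixes.
// Constructed for this page; it is NOT Cacti's code. The "echo" command, the
// sample payload and the function names are assumptions for the demo.

function run_vulnerable(string $userInput): string {
    // Shell string built by concatenation: when proc_open() gets a string on
    // Unix it runs it through /bin/sh -c, so ';', '|' and '$(...)' in
    // $userInput are interpreted as shell syntax, not data.
    $cmd = 'echo ' . $userInput;
    return run_and_capture($cmd);
}

function run_quoted(string $userInput): string {
    // Legacy mitigation when a shell string is unavoidable: escapeshellarg()
    // wraps the value in single quotes and escapes embedded quotes, so the
    // whole value reaches echo as one literal argument.
    return run_and_capture('echo ' . escapeshellarg($userInput));
}

function run_hardened(string $userInput): string {
    // 1. Allow-list validation before anything is spawned. The pattern here is
    //    an assumption; a real application uses whatever its identifiers are.
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}$/', $userInput)) {
        throw new InvalidArgumentException('rejected input: ' . $userInput);
    }
    // 2. Array form (PHP >= 7.4) executes the program directly with an argv
    //    array and never involves a shell, so there is nothing to inject into.
    return run_and_capture(['echo', $userInput]);
}

/** Run $cmd (string => via shell, array => direct exec) and return its stdout. */
function run_and_capture($cmd): string {
    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $proc = proc_open($cmd, $spec, $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('proc_open failed');
    }
    fclose($pipes[0]);
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    proc_close($proc);
    return $out;
}

// Constructed sample payload: a plausible value with a second command appended.
$payload = '1; echo INJECTED';

// Vulnerable path: the appended command executes as a separate shell command.
echo "vulnerable: ", run_vulnerable($payload);

// Quoted path: the payload is printed back verbatim as a single argument.
echo "quoted:     ", run_quoted($payload);

// Hardened path: rejected by the allow-list before any process is created.
try {
    echo "hardened:   ", run_hardened($payload);
} catch (InvalidArgumentException $e) {
    echo "hardened:   ", $e->getMessage(), "\n";
}

// Hardened path with a legitimate value still works.
echo "hardened:   ", run_hardened('1');
```

Run it with `php demo.php` and compare the three outputs: only the concatenated string form lets the second command execute. Of the two fixes, the argv-array form is the one to prefer, because it removes the shell from the picture entirely; escapeshellarg() is a defence in depth for code paths that must keep building a shell string, and neither replaces validating the input against what the application actually expects.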
3 min
Detection and Response
The High Cost of Human Error In OT Systems
Nearly 80% of respondents to a recent SCADAfence survey said human error presents the greatest risk to OT control systems.
3 min
Detection and Response
3 Ways to Apply a Risk-Based Approach to Threat Detection, Investigation, and Response: Gartner® Report
In an ongoing effort to help security organizations gain greater visibility into risk, we’re pleased to offer this complimentary Gartner® report, 3 Ways to Apply a Risk-Based Approach to Threat Detection, Investigation, and Response.