5 min
Vulnerability Disclosure
CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE
The VMware Workspace ONE Access, Identity Manager, and vRealize Automation products contain a locally exploitable privilege escalation vulnerability.
4 min
Security Strategy
Building Cybersecurity KPIs for Business Leaders and Stakeholders
In this post, we discuss how to operationalise security into an overall strategy measured by cybersecurity KPIs.
4 min
Events
What We're Looking Forward to at Black Hat, DEF CON, and BSidesLV 2022
Here's a sneak peek of what we have planned from August 9-12 at the all-star lineup of cybersecurity sessions in Las Vegas, including Black Hat 2022.
9 min
Vulnerability Disclosure
QNAP Poisoned XML Command Injection (Silently Patched)
In researching the mystery surrounding alleged exploitation in the wild of CVE-2020-2509, we found what may be an entirely new vulnerability.
3 min
Detection and Response
The Future of the SOC Is XDR
Extended detection and response (XDR) is increasingly gaining traction across the industry.
8 min
Vulnerability Disclosure
Primary Arms PII Disclosure via IDOR (FIXED)
Primary Arms, a popular e-commerce site dealing in firearms and related merchandise, suffers from an insecure direct object reference (IDOR) vulnerability.
4 min
Cloud Security
Collaboration Drives Secure Cloud Innovation: Insights From AWS re:Inforce
Here's what experts had to say at AWS re:Inforce about how organizations can quickly and securely utilize new services from cloud service providers.
6 min
Cloud Security
Shift Left: Secure Your Innovation Pipeline
As shift left has become critical to cloud security, here's how organizations can implement best practices and technologies into their DevOps workflows.
4 min
Metasploit
Metasploit Weekly Wrap-Up: Jul. 29, 2022
Roxy-WI Unauthenticated RCE
This week, community member Nuri Çilengir added an unauthenticated RCE for Roxy-WI. Roxy-WI is an interface for managing HAProxy, Nginx and Keepalived servers. The vulnerability can be triggered by a specially crafted POST request to a Python script where the ipbackend parameter is vulnerable to OS command injection. The result is reliable code execution within the context of the web application user.
Fewer Meterpreter Scripts
Community
2 min
Events
[VIDEO] An Inside Look at AWS re:Inforce 2022 From the Rapid7 Team
We asked three of our Rapid7 team members to answer a few questions and give us their experience from AWS re:Inforce 2022.
1 min
Lost Bots
[The Lost Bots] Season 2, Episode 2: The Worst and Best Hollywood Cybersecurity Depictions
In this episode, our hosts walk us through the most hilariously bad and surprisingly accurate depictions of cybersecurity in popular film and television.
5 min
Vulnerability Management
What’s New in InsightVM and Nexpose: Q2 2022 in Review
We made several investments to both InsightVM and Nexpose throughout Q2 2022 that will help teams improve and automate vulnerability management.
2 min
Emergent Threat Response
Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26138
Exploitation is underway for CVE-2022-26138, one of a trio of critical Atlassian vulnerabilities affecting the company's on-premises products.
3 min
Ransomware
To Maze and Beyond: How the Ransomware Double Extortion Space Has Evolved
Our research shows the "market share" of ransomware groups and how much they focused on different types of data.
5 min
SOAR
5 SOAR Myths Debunked
As organizations increasingly use SOAR systems to keep up with their security operations challenges, here are 5 SOAR myths worth debunking.