5 min
Cybersecurity
No Damsels in Distress: How Media and Entertainment Companies Can Secure Data and Content
As media and entertainment companies grow their cloud footprints, they’re also opening themselves up to vulnerabilities threat actors can exploit.
3 min
Metasploit
Metasploit Weekly Wrap-Up: 8/5/22
Log4Shell in MobileIron Core
Thanks to jbaines-r7 we have yet another Log4Shell exploit. Similar to the other Log4Shell exploit modules, the exploit works by sending a JNDI string that, once received by the server, will be deserialized, resulting in unauthenticated remote code execution as the tomcat user. Vulnerable versions of MobileIron Core have been reported as exploited
5 min
Vulnerability Disclosure
CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE
The VMware Workspace ONE Access, Identity Manager, and vRealize Automation products contain a locally exploitable privilege escalation vulnerability.
4 min
Security Strategy
Building Cybersecurity KPIs for Business Leaders and Stakeholders
In this post, we discuss how to operationalise security into an overall strategy measured by cybersecurity KPIs.
4 min
Events
What We're Looking Forward to at Black Hat, DEF CON, and BSidesLV 2022
Here's a sneak peek of what we have planned from August 9-12 at the all-star lineup of cybersecurity sessions in Las Vegas, including Black Hat 2022.
9 min
Vulnerability Disclosure
QNAP Poisoned XML Command Injection (Silently Patched)
In researching the mystery surrounding alleged exploitation in the wild of CVE-2020-2509, we found what may be an entirely new vulnerability.
2 min
Detection and Response
The Future of the SOC Is XDR
Extended detection and response (XDR) is increasingly gaining traction across the industry.
8 min
Vulnerability Disclosure
Primary Arms PII Disclosure via IDOR (FIXED)
Primary Arms, a popular e-commerce site dealing in firearms and related merchandise, suffers from an insecure direct object reference (IDOR) vulnerability.
4 min
Cloud Security
Collaboration Drives Secure Cloud Innovation: Insights From AWS re:Inforce
Here's what experts had to say at AWS re:Inforce about how organizations can quickly and securely utilize new services from cloud service providers.
6 min
Cloud Security
Shift Left: Secure Your Innovation Pipeline
As shift left has become critical to cloud security, here's how organizations can implement best practices and technologies in their DevOps workflows.
4 min
Metasploit
Metasploit Weekly Wrap-Up: Jul. 29, 2022
Roxy-WI Unauthenticated RCE
This week, community member Nuri Çilengir added an unauthenticated RCE for Roxy-WI. Roxy-WI is an interface for managing HAProxy, Nginx and Keepalived servers. The vulnerability can be triggered by a specially crafted POST request to a Python script where the ipbackend parameter is vulnerable to OS command injection. The result is reliable code execution within the context of the web application user.
Fewer Meterpreter Scripts
Community
2 min
Events
[VIDEO] An Inside Look at AWS re:Inforce 2022 From the Rapid7 Team
We asked three of our Rapid7 team members to answer a few questions and give us their experience from AWS re:Inforce 2022.
1 min
Lost Bots
[The Lost Bots] Season 2, Episode 2: The Worst and Best Hollywood Cybersecurity Depictions
In this episode, our hosts walk us through the most hilariously bad and surprisingly accurate depictions of cybersecurity in popular film and television.
5 min
Vulnerability Management
What’s New in InsightVM and Nexpose: Q2 2022 in Review
We made several investments to both InsightVM and Nexpose throughout Q2 2022 that will help teams improve and automate vulnerability management.
2 min
Emergent Threat Response
Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26138
Exploitation of CVE-2022-26138, one of a trio of critical Atlassian vulnerabilities affecting the company's on-premises products, is underway.