3 min
Metasploit
Metasploit Weekly Wrap-Up: Jul 15, 2022
JBOSS EAP/AS - More Deserializations? Indeed!
Community contributor Heyder Andrade added in a new
module for a Java deserialization vulnerability in JBOSS EAP/AS Remoting Unified
Invoker interface for versions 6.1.0 and prior. As far as we can tell this was
first disclosed by Joao Matos in his paper at
AlligatorCon
.
Later a PoC from Marcio Almeida
4 min
Vulnerability Management
InsightVM Release Update: Let’s Focus on Remediation for Just a Minute
We’re pleased to release two InsightVM updates that are aimed at not only improving VM program success but also reducing the effort to get you there.
3 min
Application Security
It’s the Summer of AppSec: Q2 Improvements to Our Industry-Leading DAST and WAAP
Summer is in full swing, and that means soaring temps, backyard grill-outs, and the latest roundup of Q2 application security improvements from Rapid7.
4 min
Career Development
Creating an Exceptional Workplace: Building and Expansion in a Post-COVID World
Rapid7 is celebrating the opening of its newly expanded and designed Reading, UK office, located in the Thames Valley District at Forbury Place.
7 min
Vulnerability Management
Patch Tuesday - July 2022
One 0-day vulnerability, four Critical RCEs, and a whole bunch of fixes for Azure Site Recovery.
5 min
Career Development
The Forecast Is Flipped: Flipping L&D to Ensure Continuous Growth
Here's how Rapid7 moved away from a one-size-fits-all approach to learning and put our Moose in the driver's seat of their development.
4 min
Cloud Security
3 Key Challenges for Cloud Identity and Access Management
Here are three of the main challenges that security teams face when implementing a cloud IAM solution, as well as some strategies to help tackle them.
7 min
Detection and Response
Rapid7 MDR Reduced Breaches by 90% via Greater Efficiency to Detect, Investigate, Respond to, and Remediate Breaches
No team can investigate every alert, but forging a valuable partnership with a an MDR provider can provide near-immediate headcount extension to your SOC.
3 min
Metasploit
Metasploit Weekly Wrap-Up: 7/8/22
DFSCoerce - Distributing more than just files
DFS (Distributed File System) is now distributing Net-NTLM credentials thanks to
Spencer McIntyre with a new
auxiliary/scanner/dcerpc/dfscoerce module that is similar to PetitPotam in how
it functions. Note that unlike PetitPotam, this technique does require a normal
domain user’s credentials to work.
The following shows the workflow for targeting a 64-bit Windows Server 2019
domain controller. Metasploit is hostin
2 min
Research
Today’s SOC Strategies Will Soon Be Inadequate
New research sponsored by Rapid7 explores the momentum behind SOC modernization and the role extended detection and response (XDR) plays.
5 min
Security Strategy
How to Build and Enable a Cyber Target Operating Model
In a recent webinar, Rapid7's EMEA CTO Jason Hart explained the journey to a targeted operating cybersecurity model.
2 min
Emergent Threat Response
Exploitation of Mitel MiVoice Connect SA CVE-2022-29499
Rapid7 MDR analysts have observed a small number of intrusions leveraging CVE-2022-29499, a data validation vulnerability in MiVoice Connect.
3 min
Ransomware
For Finserv Ransomware Attacks, Obtaining Customer Data Is the Focus
We found customer data in the overwhelming majority of data disclosures from ransomware attacks against the financial services industry.
3 min
Detection and Response
What's New in InsightIDR: Q2 2022 in Review
Here's a look at some of the latest investments we've made to InsightIDR to drive detection and response forward for your organization.
5 min
Cloud Security
Cloud Complexity Requires a Unified Approach to Assessing Risk
As organizations move to the public cloud, there is an increasing need for a security strategy that aligns with the varied states of cloud maturity.