All Posts

11 min Emergent Threat Response

Active Exploitation of Confluence CVE-2022-26134

On June 2, 2022, Atlassian published an advisory for CVE-2022-26134, a critical unauthenticated RCE vulnerability in Confluence Server and Data Center.

2 min Detection and Response

The Average SIEM Deployment Takes 6 Months. Don’t Be Average.

If you’re part of the huge growth in demand for cloud-based SIEM, claim your copy of the new Gartner® Report: “How to Deploy a SIEM Solution Successfully.”

1 min Emergent Threat Response

CVE-2022-30190: "Follina" Microsoft Support Diagnostic Tool Vulnerability

On May 30, 2022, Microsoft published an advisory on CVE-2022-30190, an unpatched vulnerability in the Microsoft Support Diagnostic Tool.

4 min Ransomware

3 Takeaways From the 2022 Verizon Data Breach Investigations Report

Our takeaways from Verizon's 2022 Breach Report suggest security pros should be doubling down on the big priorities, like ransomware and supply chain.

4 min Metasploit

Metasploit Weekly Wrap-Up: 5/27/22

PetitPotam Improvements: Metasploit’s Ruby support has been updated to allow anonymous authentication to SMB servers. This is notably useful while exploiting the PetitPotam vulnerability with Metasploit, which can be used to coerce a Domain Controller to send an authentication attempt over SMB to other machines via MS-EFSRPC methods: msf6 auxiliary(scanner/dcerpc/petitpotam) > run 192.168.159.10 192.168.159.10:445 - Binding to c681d488-d850-11d0-8c52-00c04fd90f7e:1.0@ncacn_np:192.168.159

4 min Career Development

The Forecast Is Flipped: Flipping L&D Enables Managers to Be Impact Multipliers

At Rapid7, we recognize that managers are at the heart of our mission and are central to optimizing the potential of our people.

5 min Career Development

The Rapid7 Sales Culture and Experience: An Inside Look From 2 VPs

We asked two sales leaders who recently joined our team to tell us a little about themselves and why they chose Rapid7 as the next step in their journeys.

5 min Cloud Security

What It Takes to Securely Scale Cloud Environments at Tech Companies Today

Here are three ways to help empower your teams to take advantage of the many benefits of public cloud infrastructure without sacrificing security.

7 min Vulnerability Disclosure

CVE-2022-22977: VMware Guest Authentication Service LPE (FIXED)

A low-privileged local attacker can prevent the VMware Guest Authentication service from running in a guest Windows environment and can crash this service.

4 min Ransomware

A Year on from the Ransomware Task Force Report

We're marking the anniversary of the Ransomware Task Force’s (RTF) report, which offered 48 recommendations to deter and respond to ransomware attacks.

7 min DFIR

DFIR Without Limits: Moving Beyond the “Sucker's Choice” of Today’s Breach Response Services

Now, DFIR engagements are part of the core Managed Detection and Response service from Rapid7.

3 min Metasploit

Metasploit Weekly Wrap-Up: 5/20/22

Zyxel firewall unauthenticated command injection: This week, our very own Jake Baines added an exploit module that leverages CVE-2022-30525, an unauthenticated remote command injection vulnerability in Zyxel firewalls with zero touch provisioning (ZTP) support. Jake is also the author of the original research and advisory

3 min InsightIDR

Are You in the 2.5% Who Meet This Cybersecurity Job Requirement?

Multitasking has become a cybersecurity job requirement, but with the right technology, there could be a better way.

2 min Emergent Threat Response

CVE-2022-22972: Critical Authentication Bypass in VMware Workspace ONE Access, Identity Manager, and vRealize Automation

On May 18, 2022, VMware published an advisory on CVE-2022-22972, a critical authentication bypass affecting multiple solutions.

3 min Application Security

Find, Fix, and Report OWASP Top 10 Vulnerabilities in InsightAppSec

The OWASP 2021 Attack Template and Report for InsightAppSec helps you use the updated categories from OWASP to inform and focus your AppSec program.