3 min
Emergent Threat Response
Widespread Exploitation of VMware Workspace ONE Access CVE-2022-22954
On April 6, 2022, VMware detailed CVE-2022-22954, a critical RCE vulnerability affecting VMware Workspace ONE Access and Identity Manager.
5 min
Vulnerability Management
How to Strategically Scale Vendor Management and Supply Chain Security
Here are simple changes that can help you provide more impactful supply chain security guidance and controls to decrease risk.
7 min
Detection and Response
Velociraptor Version 0.6.4: Dead Disk Forensics and Better Path Handling Let You Dig Deeper
Rapid7 is pleased to announce the release of Velociraptor version 0.6.4 – an advanced, open-source digital forensics and incident response (DFIR) tool.
3 min
Emergent Threat Response
Opportunistic Exploitation of WSO2 CVE-2022-29464
On April 18, 2022, MITRE published CVE-2022-29464, an unrestricted file upload vulnerability affecting various WSO2 products.
3 min
Metasploit
Metasploit Weekly Wrap-Up: 4/22/22
ManageEngine ADSelfService Plus Authenticated RCE
This module is pretty exciting for us because it's for a vulnerability
discovered by our very own Rapid7 researchers Jake Baines, Hernan Diaz,
Andrew Iwamaye, and Dan Kelly.
The vulnerability allowed for attackers to leverage the "custom script"
functionality to execute arbitrary operating system commands whenever domain
users reset their passwords.
I won't go into too much depth though because we have a whole blog
3 min
Application Security
Rapid7 Named a Visionary in 2022 Magic Quadrant™ for Application Security Testing Second Year in a Row
For the second year in a row, Rapid7 has been named a Visionary in the Gartner® 2022 Magic Quadrant for Application Security Testing.
3 min
Cloud Security
2022 Cloud Misconfigurations Report: Cloud Security Breaches and Attack Trends
In the 2022 Cloud Misconfigurations Report, we reviewed 68 accounts of breaches from 2021. Let's take a brief look at some of the findings.
5 min
Vulnerability Management
What's New in InsightVM and Nexpose: Q1 2022 in Review
The product updates our vulnerability management (VM) team has made to InsightVM and Nexpose in the last quarter will empower you to stay in charge — not the vulnerabilities.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 4/15/22
Meterpreter Debugging
A consistent message Metasploit hears from users is that debugging and general
logging support could be improved. The gaps in functionality make it difficult
for users to understand what happens when things go wrong and for new and
existing developers to fix bugs and add new features. The Metasploit team has
been trying to improve this in various parts of the framework, the most recent
being Meterpreter. Meterpreter payloads now have additional debugging options
that can be
3 min
InsightAppSec
InsightAppSec and tCell Bring New DevSecOps Improvements in Q1
In Q1 2022, we've continued to improve InsightAppSec and tCell to help organizations shift left and automate security testing prior to deployment.
6 min
Cloud Security
InsightCloudSec Supports the Recently Updated NSA/CISA Kubernetes Hardening Guide
The NSA and CISA recently updated their Kubernetes Hardening Guide. Here's how InsightCloudSec supports the updated guidance.
4 min
Emergent Threat Response
CVE-2022-28810: ManageEngine ADSelfService Plus Authenticated Command Execution (Fixed)
On April 9, ManageEngine fixed CVE-2022-28810 with the release of ADSelfService Plus Build 6122.
11 min
Vulnerability Management
Patch Tuesday - April 2022
From Defender to Windows, Office to Azure, this month’s Patch Tuesday has a large swath of Microsoft’s portfolio getting vulnerabilities fixed. 119 CVEs were addressed today, not including the 26 Chromium vulnerabilities that were fixed in the Edge browser.
4 min
Research
CVE-2022-24527: Microsoft Connected Cache Local Privilege Escalation (Fixed)
On April 12, 2022, Microsoft published CVE-2022-24527, a local privilege escalation vulnerability in Microsoft Connected Cache.
3 min
XDR
3 Ways InsightIDR Users Are Achieving XDR Outcomes
Users of InsightIDR, Rapid7's cloud SIEM and XDR solution, are already making XDR outcomes a reality.