8 min
Metasploit
Announcing the 2021 Metasploit Community CTF
It’s time for another Metasploit community CTF! Our goal is to enable relationship building and knowledge sharing across the security community.
4 min
Public Policy
Thawing Out the Chilling Effect Of DMCA Section 1201
The Copyright Office issued the latest rules on security research under DMCA Section 1201. Good news: researchers' legal protections have been strengthened with the removal of the "all other laws" requirement.
3 min
SOAR
Better Together: XDR, SOAR, Vulnerability Management, and External Threat Intelligence
Effectively prioritizing security incidents comes down to having the right data and intelligence from inside your IT environment and the world outside.
4 min
Metasploit
Metasploit Wrap-Up: Nov. 12, 2021
Four new modules, including Microsoft OMI local privilege escalation, and a Win32k local privilege escalation module for CVE-2021-40449, impacting Windows 10 x64 build 14393 and 17763
6 min
IoT
Hands-On IoT Hacking: Rapid7 at DefCon 29 IoT Village, Part 4
In this final post, we'll discuss how to gain full root access and successfully complete this exercise in IoT hacking.
2 min
Cloud Security
Time to Act: Bridging the Gap in Cloud Automation Adoption
An overwhelming majority of organizations recognize the value of the cloud, but not all have implemented cloud automation in their security program.
4 min
Public Policy
Update to GLBA Security Requirements for Financial Institutions
The FTC updated cybersecurity requirements for financial institutions under GLBA. This includes access controls, regular penetration testing and vulnerability scanning, and incident response, among other things. Here we'll detail the changes in comparison to the previous rule.
1 min
Emergent Threat Response
CVE-2021-43287 Allows Pre-Authenticated Build Takeover of GoCD Pipelines
On October 26, 2021, open-source CI/CD solution GoCD released version 21.3.0, which included a fix for CVE-2021-43287, a critical information disclosure vulnerability whose exploitation allows unauthenticated attackers to leak configuration information, including build secrets and encryption keys.
3 min
Application Security
tCell by Rapid7 Supports the Newly Released .NET 6.0
We’re excited to share that we've coordinated our recent .NET and .NET Core agent releases with the brand new .NET 6.0 release from Microsoft.
1 min
Emergent Threat Response
Opportunistic Exploitation of Zoho ManageEngine and Sitecore CVEs
Over the weekend of November 6, 2021, Rapid7’s Incident Response (IR) and Managed Detection and Response (MDR) teams began seeing opportunistic exploitation of two unrelated CVEs targeting Zoho ManageEngine and Sitecore.
4 min
InsightIDR
InsightIDR Was XDR Before XDR Was Even a Thing: An Origin Story
With InsightIDR, you already have the capability to achieve XDR outcomes right now.
3 min
Application Security
OWASP Top 10 Deep Dive: Getting a Clear View on Vulnerable and Outdated Components
Outdated and vulnerable components have gone up three places in the OWASP Top 10. Here's Why.
3 min
Metasploit
Metasploit Wrap-Up: 11/5/21
GitLab RCE
New Rapid7 team member jbaines-r7 wrote an
exploit targeting GitLab via the ExifTool command. Exploiting this vulnerability
results in unauthenticated remote code execution as the git user. What makes
this module extra neat is the fact that it chains two vulnerabilities together
to achieve this desired effect. The first vulnerability is in GitLab itself that
can be leveraged to pass invalid image files to the ExifTool parser which
contained the second v
1 min
Emergent Threat Response
New NPM library hijacks (coa and rc)
A popular NPM library called coa, which is used in React packages around the world, has been hijacked to distribute credential-stealing malware.
4 min
Cybersecurity
2022 Planning: The Path to Effective Cybersecurity Maturity
Achieving cybersecurity maturity isn't something you can do overnight — it requires a significant amount of planning, prioritizing, and coordinating across the business.