5 min
Vulnerability Management
Patch Tuesday - June 2021
It is another low volume Patch Tuesday this month as Microsoft releases fixes
for 50 vulnerabilities. This should not diminish the importance of speedily
applying the updates. 6 of the vulnerabilities being patched this month are
0-days under active exploitation (CVE-2021-31955
,
CVE-2021-31956
,
CVE-2021-33739
2 min
Cloud Security
Action! Start putting automation into practice.
In our new blog series, we’ll talk about the challenges of leveraging automation and actually putting it into practice for your organization and business.
2 min
Security Strategy
Kill Chains: Part 2→Strategic and tactical use cases
Let’s now take a look at how you can leverage the different kill chains to overcome vulnerabilities and win the day against attackers.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 6/4/21
Two new modules and a few enhancements and fixes, including improvements to the analyze command.
3 min
Identity Access Management (IAM)
All about the boundaries: The cloud IAM lifecycle approach
Implementing cloud Identity Access Management (IAM) boundaries can seem like an oxymoron in the midst of rapid growth or need for access as new personnel, teams, or supply-chain partners come online.
9 min
Public Policy
Proposed security researcher protection under CFAA
Rapid7 views independent cybersecurity research and the security community as important drivers for advancing cybersecurity for all, a core value for Rapid7. One way we take action on this value is by supporting protection for security researchers acting in good faith.
2 min
Public Policy
Supreme Court narrows CFAA
The Supreme Court interprets the CFAA narrowly. This avoids over-criminalizing cybersecurity research and commonplace internet activity, though may raise concerns about insider threats.
4 min
Vulnerability Disclosure
CVE-2021-3198 and CVE-2021-3540: MobileIron Shell Escape Privilege Escalation Vulnerabilities
Discovered by Rapid7 researcher William Vu, Ivanti MobileIron Core versions 10.7.0.1-9 and 11.0.0.1-3 suffer from 2 restricted-shell escape vulnerabilities.
4 min
Application Security
Rapid7 Named a Visionary in 2021 Gartner Magic Quadrant for Application Security Testing
Rapid7 is excited to share that we have been recognized as a Visionary in the 2021 Gartner Magic Quadrant for Application Security Testing (AST)
3 min
DevOps
Creating coefficiency: DevOps, Security, and Compliance
The ultimate goal on the security horizon is, of course, to prevent risks and misconfigurations before runtime. This won’t always happen, but teams can still get into a rhythm where runtime mistakes become the exception rather than the rule.
6 min
Public Policy
How the Biden Administration's cybersecurity order will affect companies
The Biden Administration's Executive Order will create new software security and cyber incident reporting requirements for federal contractors.
3 min
Metasploit
Metasploit Wrap-Up: May 28, 2021
In the spirit of cool module content, there's a new SMBGhost RCE module, plus a hefty set of enhancements and fixes!
4 min
Cloud Security
5 questions to answer before spending big on cloud security
Convincing people to sign off on big cloud security spends is, most assuredly, a never-ending process. Because every so often (be it in 6 months, 1 year, 2 years), your security organization will have to pitch to the check-writers all over again.
3 min
Detection and Response
Kill Chains: Part 1→Strategic and operational value
More recently, the term has been conscripted by the cybersecurity world to help businesses and security organizations go on the offensive, ensuring there are no gaps in their mitigation strategies and that their threat-hunting processes are sound.
2 min
Emergent Threat Response
CVE-2021-21985: What you need to know about the latest critical vCenter Server vulnerability
On Tuesday, May 25, 2021, VMware published security advisory VMSA-2021-0010
, which includes
details on CVE-2021-21985, a critical remote code execution vulnerability in the
vSphere Client (HTML5) component of vCenter Server (6.5, 6.7, and 7.0) and
VMware Cloud Foundation (3.x and 4.x). The vulnerability arises from lack of
input validation in the Virtual SAN Health Check plug-in, which is enabled by
default in vCenter Server. Succe