9 min
Patch Tuesday
Patch Tuesday - April 2021
Patch Tuesday is here again and there are more Exchange updates to apply! A
total of 114 vulnerabilities were fixed this month with more than half of them
affecting all versions of Windows, with about half of them being remote code
execution bugs, and about a fifth of them being rated as critical by Microsoft.
Let's dive in!
New Exchange Server Patches Available
If you were only going to patch one thing today, please let it be this. Exchange
Server has been a hot topic since the vulnerabilities
3 min
Vulnerability Disclosure
CVE-2021-26908 and CVE-2021-26909: Automox Agent Information Disclosure (FIXED)
Rapid7 researcher Danny Jordan discovered two vulnerabilities in the Automox Agent for Windows and macOS.
2 min
Managed Detection and Response (MDR)
MDR Must-Haves, Part 6: Threat Validation and Detailed Reporting
Engaging a managed security service provider—either a traditional MSSP or MDR provider—should never involve wasting your time.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 4/9/21
Spilling the (Gi)tea We have two modules coming in from cdelafuente-r7 targeting CVE-2020-14144 for both the Gitea and Gogs self-hosted Git services. Both modules are similar: they take advantage of a user's ability to create Git hooks by authenticating with the web interface, creating a dummy repos
4 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 5: Multiple Threat Detection Methodologies, Including Deep Attacker Behavior Analysis
The best Managed Detection and Response (MDR) providers use a combination of threat intelligence, User Behavior Analytics (UBA), Attacker Behavior Analytics (ABA), and human threat hunts to provide detection for threats and attackers.
2 min
InsightIDR
What’s New in InsightIDR: Q1 2021 in Review
Back at the start of the year, we reflected on some of our 2020 InsightIDR product investments and took a look at what was ahead in 2021. As the first quarter of the year comes to a close, we wanted to offer a closer look at some of the recent updates and releases in InsightIDR.
5 min
Emergent Threat Response
Attackers Targeting Fortinet Devices and SAP Applications
CISA and the FBI published a joint alert to warn users that APT threat actors were likely exploiting unpatched Fortinet FortiOS devices to gain initial access to government, commercial, technology, and other organizations’ networks.
3 min
Kubernetes Security
Kubernetes Namespaces Are Not as Secure as You Think
A common misconception around namespaces is that they are truly separated. However, it is more likely to think of it as a police tape—you know it is there, but it is fairly easy to bypass it.
5 min
Cloud Security
Looking Back and Moving Forward With Rapid7’s Cloud Security Solution
The DivvyCloud by Rapid7 team has had a busy and productive start to 2021, and we anticipate that the rest of this year will be equally exciting for our valued customers.
2 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 4: Ingestion of Authentication Data Across Local, Domain, and Cloud Sources
There isn’t a single threat or breach that doesn’t involve attackers using legitimate credentials to cause harm.
2 min
Research
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Fortune 500
Today, Rapid7 just released the first in our all-new Industry Cyber-Exposure Report (ICER) series.
3 min
Application Security
What’s New in InsightAppSec and tCell: Q1 2021 in Review
Rapid7 will continue to support customers through every challenge, with new updates and avenues to help you get the most out of your application security program.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 4/2/21
Six new modules targeting F5, SaltStack, Exchange Server, and more, plus some significant performance improvements and fixes.
2 min
Managed Detection and Response (MDR)
MDR Vendor Must-Haves, Part 3: Ingestion of Other Technology Investments
By the time you’re ready to invest in a Managed Detection and Response (MDR) service, you’ve likely already invested in a number of different security tools aimed at preventing threats and detecting breaches. MDR is a continued investment in this technology, not always a pure replacement.
2 min
Emergent Threat Response
SolarWinds Patches Four New Vulnerabilities in Their Orion Platform
SolarWinds released fixes for 4 new vulnerabilities in their Orion platform, the most severe of which is an authenticated RCE flaw due to a JSON deserialization weakness.