3 min
Vulnerability Management
Patch Tuesday - November 2020
Jumping right back to a triple digit volume of vulnerabilities resolved,
Microsoft covers 112 CVEs this November affecting products ranging from our
standard Windows Operating Systems and Microsoft Office products to some new
entries such as Azure Sphere.
Microsoft CVE-2020-17087: Windows Kernel Local Elevation of Privilege
Vulnerability
Coming as no surprise to anyone, the previously disclosed CVE-2020-17087
zero-day
2 min
Emergent Threat Response
VMware ESXi OpenSLP Remote Code Execution Vulnerability (CVE-2020-3992 and CVE-2019-5544): What You Need To Know
What’s up?
On November 6, 2020 Microsoft’s Kevin Beaumont alerted the community
to evidence of active exploitation attempts of CVE-2020-3992 and/or
CVE-2019-5544, which are remote code execution (RCE) vulnerabili
2 min
News
SaltStack Pre-Authenticated Remote Root (CVE-2020-16846 and CVE-2020-25592): What You Need to Know
When combined, a new pair of SaltStack vulnerabilities can result in unauthenticated remote root access on a target system.
5 min
InsightIDR
Visualizing Network Traffic Data to Drive Action
In this blog, we cover the top five multi-groupby queries that can be used to visualize network sensor data with the Insight Network Sensor.
5 min
Career Development
Advance Your Career: Life as a Rapid7 Belfast Software Engineer
As we continue to build this team, we are looking for new Moose who exemplify our core values, and are passionate about making a positive impact on our customers.
2 min
Metasploit
Metasploit Wrap-Up: Nov. 6, 2020
Insert 'What Year Is It' meme
h00die contributed the Mikrotik unauthenticated directory traversal file read
auxiliary gather module, largely a port of the PoC by Ali Mosajjal.
The vulnerability CVE-2018-14847 allows any file from the router to be read
through the Winbox server in RouterOS due to a lack of val
2 min
This One Time on a Pen Test
This One Time on a Pen Test: How I Hacked a Self-Driving Car
In our latest edition of "This One Time on a Pen Test," we take a deeper look at an engagement involving a self-driving car.
1 min
tCell
tCell by Rapid7 Now Available for the European Region
Today, we are excited to announce tCell by Rapid7, our next-gen WAF and RASP solution, is now available in the Rapid7 Insight cloud’s European region.
4 min
NICER Reports
NICER Protocol Deep Dive: Internet Exposure of Citrix ADC/NetScaler
In this edition of our NICER Protocol Deep Dive blog series, we take a closer look at the internet exposure of Citrix ADC/NetScaler.
5 min
Research
The Story Behind Security Breaches
There are many potential causes of security breaches, but what is a common root cause? Human error.
9 min
Application Security
Overview of Content Security Policies (CSPs) on the Web
A Content Security Policy is a protocol that allows a site owner to control what resources are loaded on a web page by the browser, and how those resources may be loaded.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 10/30/20
Support for gathering ProxyUsername and ProxyPassword for saved PuTTY sessions, usability improvements for PsExec modules, and another CTF coming soon.
4 min
National Cybersecurity Awareness Month: Security Pros Offer Top Tips for Staying Safe Online
For National Cybersecurity Awareness Month, we rounded up tips from our network of experts to help you easily shore up your approach to cybersecurity.
3 min
Vulnerability Management
Oracle WebLogic Unauthenticated Complete Takeover (CVE-2020-14882/CVE-2020-14750): What You Need to Know
Attackers are opting for tricks instead of treats this week as they seek out and attempt to compromise internet-facing WebLogic servers that are vulnerable to CVE-2020-14882.
2 min
InsightVM
Rapid7 Announces Improvements to Goals and SLAs in InsightVM
We’re excited to announce that creating a goal or SLA in InsightVM just became a lot simpler.