All Posts

2 min Metasploit

Metasploit Wrap-Up: Apr. 17, 2020

Nexus Repository Manager RCE: This week our very own Will Vu wrote a module for CVE-2020-10199 which targets a remote code execution vulnerability within the Nexus Repository Manager. The vulnerability allows Java Expression Language (JavaEL) code to be executed. While the flaw requires authentication information to leverage it, any account is sufficient. This would allow any registered user to compromise the target server. Unquoted Service Path LPE: Community contribu

6 min Managed Detection and Response (MDR)

Uncooking Eggs: Manual Dridex Dropper Malicious Document Deobfuscation Methods

Learn how to analyze an obfuscated malicious document with a focus on basic static analysis.

2 min InsightVM

Nmap Service Detection for Nexpose and InsightVM Scan Engines

As of version 6.6.14 of Nexpose and InsightVM, the Scan Engine can now utilize Nmap service probes in addition to existing detection methods to improve the discovery of previously unsupported protocols and services.

6 min

Preparing for the Cybersecurity Maturity Model Certification (CMMC) Part 1: Practice and Process

Learn how to better understand the terms and structure of the Cybersecurity Maturity Model Certification (CMMC).

3 min Risk Management

Meet AttackerKB

Meet AttackerKB: a new community-driven resource that highlights diverse perspectives on which vulnerabilities make the most appealing targets for attackers.

2 min Vulnerability Management

Patch Tuesday - April 2020

Global working-from-home routines haven't slowed down Microsoft and its ability to help close up vulnerabilities in their products. This April Patch Tuesday (WFH-edition), Microsoft has knocked 113 vulnerabilities out of the park. It's not the highest we've seen, but it is still an impressive spread of fixes coming in this month with a fair number resolving SharePoint and Office vulnerabilities along with the

3 min Remote Working

Remote Work Readiness: How to Keep a Security Mindset

Here are some of the best practices to help your company’s staff work from home with minimal risk.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 4/10/20

Meterpreter bug fixes and five new modules, including an LPE exploit for SMBghost (CVE-2020-0796) and a BloodHound post module that gathers information (sessions, local admin, domain trusts, etc.) and stores it as a BloodHound-consumable ZIP file in Framework loot.

2 min COVID-19

Self-Isolation, Home Networking, and Open Source: Recog and Rumble

In this blog, we discuss an open source project we run here at Rapid7: Recog and its free network fingerprinting database.

7 min CIS Controls

8 Steps to Successfully Implement the CIS Top 20 Controls in Your Organization

Eight practical steps to help you implement key controls into your organization. Get started now!

7 min Microsoft

Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)

As of March 24, there were over 350,000 Microsoft Exchange servers exposing a version of the software with a vulnerability.

6 min Vulnerability Management

4 Common Goals For Vulnerability Risk Management Programs

This post will give you a glimpse into the research to pinpoint under-served and unmet customer needs in the vulnerability risk management space.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 4/3/2020

This week's release includes a local privilege escalation exploit for VMware Fusion through 11.5.3 on OS X, as well as RCE on Apache Solr and DNN cookie deserialization.

3 min SIEM

Analyze Security Data Faster with Visual Search in InsightIDR

Learn how InsightIDR, Rapid7’s SIEM tool, uses visualization to provide powerful security data analysis.

17 min Vulnerability Disclosure

Dispelling Zoom Bugbears: What You Need to Know About the Latest Zoom Vulnerabilities

In this blog, we break down what you need to know about the recent Zoom security issues and its vulnerability remediation process.