2 min
Emergent Threat Response
CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities
On November 8, 2022, Citrix published Citrix Gateway and Citrix ADC Security
Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516
[https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516]
announcing fixes for three vulnerabilities:
* CVE-2022-27510 [https://nvd.nist.gov/vuln/detail/CVE-2022-27510]
“Unauthorized access to Gateway user capabilities”
* CVE-2022-27513 [https://nvd.nist.gov/vuln/detai
2 min
DAST
New Research: Optimizing DAST Vulnerability Triage with Deep Learning
In new paper, Rapid7 data scientists outline a novel deep learning model to automatically prioritize application security vulnerabilities and reduce false positive friction.
3 min
Research
New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers
We look at two of the most popular protocols used for remote administration, SSH and RDP, to get a sense of how attackers are taking advantage of weaker password management to gain access to systems.
8 min
Vulnerability Disclosure
FLEXlm and Citrix ADM Denial of Service Vulnerability
Note: Updated October 20, 2022 to clarify that this bypasses CVE-2022-27512 and
not CVE-2022-27511, which has a different root cause.
On June 27, 2022, Citrix released an advisory
[https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512]
for CVE-2022-27511 [https://nvd.nist.gov/vuln/detail/CVE-2022-27511] and
CVE-2022-27512 [https://nvd.nist.gov/vuln/detail/CVE-2022-27512], which affect
Citrix ADM (Application Del
7 min
Vulnerability Disclosure
Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)
Rapid7 discovered vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare.
6 min
Ransomware
Architecting for Extortion: Acting on the IST’s Blueprint for Ransomware Defense
Last month, the Institute for Security and Technology’s Ransomware Task Force launched the Blueprint for Ransomware Defense.
2 min
Research
25 Years of Nmap: Happy Scan-iversary!
On September 1, 1997, the open-source security scanner Nmap was released. Our Director of Research Tod Beardsley reflects on the 25th anniversary.
4 min
Research
Pushing Open-Source Security Forward: Insights From Black Hat 2022
Here's a look at two Rapid7 researchers' presentations from Black Hat 2022, and how their efforts are helping push open-source security forward.
3 min
Application Security
Are Your Apps Exposed? Know Faster With Application Discovery in InsightAppSec
InsightAppSec's new application discovery feature, powered by Rapid7's Project Sonar, helps security teams know what apps are exposed to the internet.
21 min
Vulnerability Disclosure
Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software
Rapid7 discovered vulnerabilities and non-security issues affecting Cisco ASA, ASDM, and FirePOWER Services Software for ASA.
5 min
Vulnerability Disclosure
CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE
The VMware Workspace ONE Access, Identity Manager, and vRealize Automation products contain a locally exploitable privilege escalation vulnerability.
4 min
Events
What We're Looking Forward to at Black Hat, DEF CON, and BSidesLV 2022
Here's a sneak peek of what we have planned from August 9-12 at the all-star lineup of cybersecurity sessions in Las Vegas, including Black Hat 2022.
9 min
Vulnerability Disclosure
QNAP Poisoned XML Command Injection (Silently Patched)
In researching the mystery surrounding alleged exploitation in the wild of CVE-2020-2509, we found what make be an entirely new vulnerability.
8 min
Vulnerability Disclosure
Primary Arms PII Disclosure via IDOR (FIXED)
Primary Arms, a popular e-commerce site dealing in firearms and related merchandise, suffers from an insecure direct object reference (IDOR) vulnerability.
3 min
Ransomware
To Maze and Beyond: How the Ransomware Double Extortion Space Has Evolved
Our research shows the "market share" of ransomware groups and how much they focused on different types of data.