Posts tagged Vulnerability Management

6 min InsightVM

Passwordless Network Scanning: Same Insights, Less Risk

The Scan Assistant is a lightweight service within InsightVM Network Scan Engine that can scan against targets without the need to provide credentials

7 min Vulnerability Management

Patch Tuesday - October 2021

Today’s Patch Tuesday sees Microsoft issuing fixes [https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct] for over 70 CVEs, affecting the usual mix of their product lines. From Windows, Edge, and Office, to Exchange, SharePoint, and Dynamics, there is plenty of patching to do for workstation and server administrators alike. One vulnerability has already been seen exploited in the wild: CVE-2021-40449 [https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40449] is an elev

6 min Research

For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy

When it comes to the state of patching for recent Exchange Server vulnerabilities, the picture is more incomplete than you'd think.

1 min Lost Bots

[The Lost Bots] Episode 6: D&R + VM = WINNING!

In this episode, Practice Advisor Devin Krugly joins to discuss how Detection and Response + Vulnerability Management = a winning combination.

2 min Emergent Threat Response

Critical vCenter Server File Upload Vulnerability (CVE-2021-22005)

On Tuesday, September 21, 2021, VMware published details on a critical file upload vulnerability in vCenter Server.

4 min Cloud Security

OMIGOD: How to Automatically Detect and Fix Microsoft Azure’s New OMI Vulnerability

On September 14, 2021, security researchers disclosed new vulnerabilities in Microsoft Azure’s implementation of Open Management Interface (OMI).

7 min Patch Tuesday

Patch Tuesday - September 2021

Microsoft has fixed a total of 60 vulnerabilities this month, including two publicly disclosed 0-days. Here’s three big things you can go patch right now.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 9/10/21

Confluence Server OGNL Injection Our own wvu along with Jang [https://twitter.com/testanull] added a module that exploits an OGNL injection (CVE-2021-26804 [https://attackerkb.com/topics/Eu74wdMbEL/cve-2021-26084-confluence-server-ognl-injection] )in Atlassian Confluence's WebWork component to execute commands as the Tomcat user. CVE-2021-26804 is a critical remote code execution vulnerability in Confluence Server and Confluence Data Center and is actively being exploited in the wild. Initial di

4 min Vulnerability Disclosure

CVE-2021-3927[67]: Fortress S03 WiFi Home Security System Vulnerabilities

Rapid7 researcher Arvind Vishwakarma discovered multiple vulnerabilities in the Fortress S03 WiFi Home Security System.

5 min Cybersecurity

Fortinet FortiWeb OS Command Injection

An OS command injection vulnerability in FortiWeb's management interface can allow a remote, authenticated attacker to execute arbitrary commands on the system.

3 min Cybersecurity

When One Door Opens, Keep It Open: A New Tool for Physical Security Testing

We’ve come up with a neat little device that pentesters can use to recreate the thought process of attackers — and help organizations outsmart them.

3 min Incident Response

Energize Your Incident Response and Vulnerability Management With Crowdsourced Automation Workflows

Bringing the spirit of open source to security workflow automation can help you detect and address breaches quickly, before they become major incidents.

6 min Patch Tuesday

Patch Tuesday - August 2021

Hot off the press, it’s another issue of the Patch Tuesday blog! While the number of vulnerabilities is low this month, there are a number of high risk items administrators will want to patch right away including a few that will require additional remediation steps. This Patch Tuesday also includes updates for three vulnerabilities that were publicly disclosed earlier this month. Let’s jump in. Windows Elevation of Privilege Vulnerability aka HiveNightmare/SeriousSAM https://msrc.microsoft.com/

11 min Public Policy

Hack Back Is Still Wack

The appeal of hack back is easy to understand, but that doesn't make the idea workable. Here, we outline why Rapid7 is against the authorization of private-sector hack back.

8 min Ransomware

Slot Machines and Cybercrime: Why Ransomware Won't Quit Pulling Our Lever

Ransomware remains a significant problem, partly because the incentives for everyone, including victims, are there to increase the number of ransomware attacks.