Search Results

Patch Tuesday - June 2023 | Rapid7 Blog

Also patched: a critical SharePoint Elevation of Privilege vulnerability. ... , which provides attackers with a chance at Administrator privileges on the SharePoint host, provided they come ...


Popular Attack Surfaces, August 2021 | Rapid7 Blog

DEF CON saw the release of new privilege escalation exploits for Windows Print Spooler, and Black Hat ... fade away — despite the fact that it’s authenticated and requires admin access.


The 10 Most Commonly Exploited Web Application Vulnerabilities | Rapid7 Blog

... can be an adversary’s fast-track to gaining access to sensitive and valuable information or systems. ... attacks like replay attacks, injection attacks, and privilege escalation attacks.


Hands-On IoT Hacking: Rapid7 at DefCon 29 IoT Village, Part 4 | Rapid7 Blog

Although, with the LUMA device, it should at least show the /etc folder. ... /etc" folder and create and/or alter the passwd and shadow file to add an account to allow root access privileges.


The CIS Critical Security Controls Series | Rapid7 Blog

Control 4: Controlled Use of Administrative Privileges ... Discover how reducing or controlling administrative privilege and access can reduce the risk of an attacker compromising your sensitive ...


Building a Threat Simulation Tool Off Of The MITRE Att&ck Framework | Rapid7 Blog

Here is our recap of the podcast: ... For instance, the attack may start with initial access and move to gaining access, privilege escalation, lateral movement, and then data exfiltration.


Pen Testing Stories: How an X-Ray Machine Unlocked the Network | Rapid7 Blog

... old and forgotten X-ray machine had been previously accessed by a privileged Active Directory user with Domain Administrator privileges, which allowed for the cleartext credentials of that ...


New 0day Exploit: Novell ZENworks CVE-2012-4933 Vulnerability | Rapid7 Blog

The new Metasploit exploit gives you access to files on the system using system privileges and gets you all the way to the backend credentials in clear text. ... Initial disclosure to Novell


Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419) | Rapid7 Blog

The issues are summarized in the table below. ... Product ... All require some level of access to the DMS system itself, though "Guest" access is often sufficient to target administrators.


Unauthenticated Remote Code Control and Execution Vulns in Multiple Cisco Products | Rapid7 Blog

Successful exploits result in privileged device access enabling the running of containers and execution of any host-level commands ... Access to the management network of the Cisco ACI fabric