6 min
Research
For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy
When it comes to the state of patching for recent Exchange Server vulnerabilities, the picture is more incomplete than you'd think.
5 min
Ransomware
The Ransomware Killchain
How does a machine go from one that's working perfectly fine to one that's inoperable due to ransomware? This post takes a close look.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 9/10/21
Confluence Server OGNL Injection
Our own wvu along with Jang [http://twitter.com/testanull] added a module that
exploits an OGNL injection (CVE-2021-26804
[http://attackerkb.com/topics/Eu74wdMbEL/cve-2021-26084-confluence-server-ognl-injection]
)in Atlassian Confluence's WebWork component to execute commands as the Tomcat
user. CVE-2021-26804 is a critical remote code execution vulnerability in
Confluence Server and Confluence Data Center and is actively being exploited in
the wild. Initial di
8 min
Ransomware
The Rise of Disruptive Ransomware Attacks: A Call To Action
Ransomware attacks are on the rise. In this post, we examine the dynamics of this trend and where it might be headed.
2 min
Cloud Security
Cloud Challenges in the Age of Remote Work: Rapid7’s 2021 Cloud Misconfigurations Report
The cloud has increased innovation, but it’s also impacted security risks. Our 2021 Cloud Misconfigurations Report takes a closer look at those risks.
4 min
Cloud Security
SANS Experts: 4 Emerging Enterprise Attack Techniques
According to a report from the SANS Institute, the new wave of attack techniques isn't on the horizon — it’s here.
4 min
Vulnerability Disclosure
CVE-2021-3927[67]: Fortress S03 WiFi Home Security System Vulnerabilities
Rapid7 researcher Arvind Vishwakarma discovered multiple vulnerabilities in the Fortress S03 WiFi Home Security System.
2 min
Metasploit
Metasploit Wrap-Up 8/6/21
Desert heat (not the 1999 film)
This week was more quiet than normal with Black Hat USA and DEF CON, but that
didn’t stop the team from delivering some small enhancements and bug fixes! We
are also excited to see two new modules #15519
[http://github.com/rapid7/metasploit-framework/pull/15519] and #15520
[http://github.com/rapid7/metasploit-framework/pull/15520] from researcher
Jacob Baines’ [http://twitter.com/Junior_Baines] DEF CON talk Bring Your Own
Print Driver Vulnerability [http://
8 min
Ransomware
Slot Machines and Cybercrime: Why Ransomware Won't Quit Pulling Our Lever
Ransomware remains a significant problem, partly because the incentives for everyone, including victims, are there to increase the number of ransomware attacks.
4 min
Metasploit
Metasploit Wrap-Up: 7/23/2021
Now I Control Your Resource Planning Servers
Sage X3 is a resource planning product designed by Sage Group which is designed
to help established businesses plan out their business operations. But what if
you wanted to do more than just manage resources? What if you wanted to hijack
the resource server itself? Well wait no more, as thanks to the work of Aaron
Herndon [http://www.linkedin.com/in/aaron-herndon-54079b5a/], Jonathan Peterson
[http://www.linkedin.com/in/jonathan-p-004b76a1/], Will
2 min
Research
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Deutsche Börse Prime Standard
Rapid7 just released the third in our Industry Cyber-Exposure Report (ICER) series. We've slimmed down our research and reporting style, and this series focuses on five areas we believe that CISOs at mega-corporations actually have a shot at accomplishing.
8 min
Vulnerability Disclosure
Akkadian Provisioning Manager Multiple Vulnerabilities Disclosure (Fixed)
Researchers discovered a trio of vulnerabilities in the Akkadian Provisioning Manager version 4.50.18.
4 min
Vulnerability Disclosure
CVE-2021-3198 and CVE-2021-3540: MobileIron Shell Escape Privilege Escalation Vulnerabilities
Discovered by Rapid7 researcher William Vu, Ivanti MobileIron Core versions 10.7.0.1-9 and 11.0.0.1-3 suffer from 2 restricted-shell escape vulnerabilities.
6 min
CISOs
Rapid7's 2021 ICER Takeaways: Vulnerability Disclosure Programs Among the Fortune 500
We rely on fantastically advanced technology in every aspect of our modern lives. Of course, anyone who has spent any time analyzing these technologies will notice that we are routinely bedeviled with vulnerabilities, especially when it comes to the internet.
1 min
Research
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): FTSE 350
We are excited to release the second report in our Industry Cyber-Exposure Report (ICER) series, which digs into cyber-exposure among organizations in the U.K.’s FTSE 350.