All Posts

1 min Events

Takeaways From The Take Command Summit: Navigating Modern SOC Challenges

At our recent Take Command summit, experts delved into the pressing challenges faced by SOC teams.

2 min Metasploit

Metasploit Weekly Wrap-Up 06/28/2024

Unauthenticated Command Injection in Netis Router This week's Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password parameter within the router's web interface which allows for command injection. Fortunately for attackers, the router's login page authorization can be bypassed by simply deleting the authorization header,

10 min Managed Detection and Response (MDR)

Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler McGraw, Sarah Lee, and Thomas Elkins. Executive Summary On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Our investigation found suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes on a Windows desktop. Installers for Notezilla, along with tools called RecentX and

1 min Events

Takeaways From The Take Command Summit: Unprecedented Threat Landscape

The Rapid7 Take Command summit unveiled crucial findings from the 2024 Attack Intelligence Report, offering invaluable insights for cybersecurity professionals navigating today's complex threat landscape.

4 min Emergent Threat Response

Authentication Bypasses in MOVEit Transfer and MOVEit Gateway

On June 25, 2024, Progress Software published information on two new vulnerabilities in MOVEit Transfer and MOVEit Gateway: CVE-2024-5806 and CVE-2024-5805.

1 min Events

Takeaways From The Take Command Summit: Understanding Modern Cyber Attacks

In today's cybersecurity landscape, staying ahead of evolving threats is crucial. The State of Security Panel from our Take Command summit held May 21st delved into how artificial intelligence (AI) is reshaping cyber attacks and defenses.

4 min

From Top Dogs to Unified Pack

Cybersecurity is as unpredictable as it is rewarding. This means you and your cyber team may find yourselves navigating a complex landscape of multi-cloud environments and evolving compliance requirements.

3 min Metasploit

Metasploit Weekly Wrap-Up 2016/21/06

Argument Injection for PHP on Windows This week includes modules that target file traversal and arbitrary file read vulnerabilities for software such as Apache, SolarWinds and Check Point, with the highlight being a module for the recent PHP vulnerability submitted by sfewer-r7. This module exploits an argument injection vulnerability, resulting in remote code execution and a Meterpreter shell running in the context of the Administrator user. Note, this attack

4 min IoT

Helpful Tools for Getting Started With IoT Assessments

The Internet of Things (IoT) can be a daunting field to get into. With many different tools and products available on the market it can be confusing to even know where to start.

10 min Managed Detection and Response (MDR)

Malvertising Campaign Leads to Execution of Oyster Backdoor

Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.

3 min Metasploit

Metasploit Weekly Wrap-Up June 14, 2024

New module content (5) Telerik Report Server Auth Bypass Authors: SinSinology and Spencer McIntyre Type: Auxiliary Pull request: #19242 contributed by zeroSteiner Path: scanner/http/telerik_report_server_auth_bypass AttackerKB reference: CVE-2024-4358 Description: This adds an exploit for CVE-2024-4358 which is an authentication bypass

4 min Security Operations (SOC)

Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps and Augment MDR Services

At Rapid7, we are pioneering the infusion of artificial intelligence (AI) into our platform and service offerings, transforming the way security operations centers (SOCs) around the globe operate.

7 min Patch Tuesday

Patch Tuesday - June 2024

MSMQ RCE again. Office malicious file RCEs. SharePoint RCE. DNSSEC NSEC3 DoS.

2 min Velociraptor

Enhancing Velociraptor with the Cado Security Platform

Velociraptor is a robust open-source tool designed for collecting and querying forensic and incident response artifacts across various endpoints. This powerful tool allows incident responders to effortlessly gather data from remote systems, no matter where they are.

2 min Emergent Threat Response

CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U

On June 5, 2024, SolarWinds disclosed CVE-2024-28995, a high-severity directory traversal vulnerability affecting the Serv-U file transfer server. Successful exploitation of the vulnerability allows unauthenticated attackers to read sensitive files on the host.