2 min
Microsoft
Patch Tuesday - June 2014
Patch Tuesday, June 2014 delivers seven advisories: two critical and five
important, one of which is the seldom-seen “tampering” type.
The remarkable item in this month's advisories is MS14-035, the Internet
Explorer patch affecting all supported versions. That in itself is not unique;
we see one of these almost every month, but this time the patch addresses 59
CVEs, that is, 59 distinct vulnerabilities in one patch! Microsoft asserts that
while two of the vulnerabilities (CVE-2014-1770
2 min
Kali-lujah! Nexpose now supports Kali Linux
2017 Update: Our Kali support in Nexpose was deprecated some time ago. For
information on supported operating systems and all things Nexpose, see our help
site or reach out to your CSM.
Pen testers and Kali Linux lovers, get your Nexpose on!
Now you can install Nexpose on the same platform you use for everything else! As
of the Nexpose 5.9.13 release, Kali Linux is now an officially supported
operating system. You can now install Nexpose on Kali Linux 64-b
2 min
IT Ops
Collecting and Analyzing Logs from Your Java Application
le_java is one of several libraries that allow you to send log data directly to
your Logentries account from your application. le_java supports both the log4j
and logback logging libraries in Java, and can be configured to work with
either in just a few steps! (Check out
github.com/logentries/le_java/blob/master/README.md for our complete tutorial.)
Once you have your application send
1 min
Metasploit
Top 3 Takeaways from "7 Ways to Make Your Penetration Tests More Productive" Webcast
Earlier this week we heard from ckirsch, Senior Product Marketing Manager
for Metasploit at Rapid7, on the pressure penetration testers are facing. (Hint:
it's a lot!). With the increase in high profile breaches and their costs, more
and more emphasis is being put on the pen tester and security in general. Read
on if you'd like to get the top takeaways from this week's webcast so that you
aren't left in the dark about, "7 Ways to Make Your Penetratio
2 min
Joining the Rapid7 Team!
If I was asked to pick one word that encompasses the reason I decided to join
Rapid7 as a Security Consultant and Researcher it would be community. After
seeing two of my colleagues, Trey Ford and Nick Percoco, join the ranks of
Rapid7 over the last several months I knew that something special was happening,
and curiosity being what it is, I started to do some research into what Rapid7
was about. Sure, there is all the wonderful technology they provide and the
range of security products they o
3 min
Metasploit Weekly Update: Blinding Defenders by Poking at Wireshark
The Wireshark DoS Module
This week, we have an interesting new module from Metasploit community
contributor JoseMi, which exercises a (seeming)
denial-of-service (DoS) condition in a Wireshark dissector responsible for
decoding CAPWAP packets. No, I've never heard of CAPWAP either, but Wikipedia's
article, now I'm an expert! At any rate,
it's not a protocol that you would expect to find really anywhere, given that
no real wir
2 min
Becoming a Metasploit Pro Specialist
(This guest blog comes to us from Louis Sanchez, a Network Systems Specialist
that is employed at a Cancer Center in the North East)
In late February of this year, I was presented with the opportunity to
participate in the new Metasploit Pro Specialist certification pilot. The goal
of this new certification was to provide the training required to have a
proficient understanding of Metasploit Pro. By providing a baseline
of knowledge require
4 min
Emergent Threat Response
Managing the Impact of the Ebay Breach on You and Your Company
eBay announced earlier today that they were the victims of an attack that compromised the email
address, encrypted password, physical address, phone number and date of birth of
eBay customers. It's important to note that the company indicated that they
have not detected any fraudulent network activity and that credit card
information was not taken.
Breached Credentials #1 Attack Vector and #1 Most Commonly Sold Information on
Bl
2 min
IT Ops
Our Favorite Linux Performance Monitoring Tools
As a part of monitoring and troubleshooting our system and applications, we
often need to get a quick snapshot of information about the status of our
server. This usually means SSHing into a server and running certain commands to
get to the information we need. I wanted to share a quick overview of my top 5
commands to get a snapshot of this server information.
htop
htop is an ncurses-based interactive process viewer for Linux. It gives
information about the CPU utiliz
5 min
Vulnerability Disclosure
R7-2014-01, R7-2014-02, R7-2014-03 Disclosures: Exposure of Critical Information Via SNMP Public Community String
Summary of Vulnerabilities
This report details three critical information disclosure vulnerabilities. The
vulnerabilities were discovered while Matthew Kienow and I (Deral Heiland)
were researching information disclosure issues in SNMP on embedded appliances
for a talk at CarolinaCon. During this research project, most devices
exposed information that would be classified as benign or pub
3 min
Microsoft
Patch Tuesday - May 2014 - Lots going on
There is a lot going on in the updates from Microsoft this month, including some
very interesting and long-overdue changes. Also, it's the highest volume of
advisories so far this year, with eight dropping on us, two of which are
labelled as critical.
How to describe the patching priority is going to be very subjective. Microsoft
has identified three of these advisories, MS14-024, MS14-025, and MS14-029 (the IE
patch), as priority 1 patching concerns. Interestingly, MS14-029, which is the
update
2 min
Goodnight, BrowserScan
The BrowserScan concept emerged during the heyday of Java zero-day exploits in
2012. The risk posed by out-of-date browser
add-ons, especially Java and Flash, was a critical issue for our customers and
the greater security community. The process of scanning each desktop for
outdated plugins was something that many firms couldn't do easily. BrowserScan
helped these firms gather macro-level exposure data about their desktop systems,
providing a quick health-check o
5 min
Exploits
Oracular Spectacular
Nexpose version 5.9.10 includes significant improvements to its Oracle Database
fingerprinting and vulnerability coverage. When configured with appropriate
database credentials, Nexpose scans can accurately identify which patches have
been applied. This post will go through the steps for setting up such a scan, as
well as discuss some of the finer details about Oracle's versioning scheme and
the terminology around their quarterly Critical Patch Update program.
Scanning Oracle Databases with Nex
4 min
Authentication
ControlsInsight: A Step-by-Step Approach to Troubleshoot Missing Assets
ControlsInsight retrieves data from Nexpose, so it is important to make sure
that the site is properly configured. In this blog post, we will go through a
step-by-step procedure of setting up a site configuration that will enable
ControlsInsight to report on all Windows assets. We will also go through a
scenario to troubleshoot why an asset did not make it into ControlsInsight.
Step 1: Things we need
* The list of assets to be scanned either by IP range or hostnames
* ControlsInsight c
2 min
IT Ops
Using D3.js to Graph Your Log Data
At Logentries, we use the open-source D3.js visualization library for a number
of our graphs, including our recently released Insights feature. In a nutshell,
D3 allows you to efficiently manipulate documents based on data with minimal
overhead. While it could in fact be used for all types of DOM manipulation that
you might otherwise do with jQuery, for example, we have used it purely for its
graphing functionality.
One of the reasons we chose D3 i