2 min
Emergent Threat Response
Widespread Exploitation of Zyxel Network Devices
Rapid7 is tracking reports of ongoing exploitation of CVE-2023-28771, a critical unauthenticated command injection vulnerability affecting multiple Zyxel networking devices.
6 min
Metasploit
Fetch Payloads: A Shorter Path from Command Injection to Metasploit Session
Rapid7 is pleased to announce the availability of Metasploit fetch payloads, which increase efficiency and user control over the commands executed.
3 min
Managed Detection and Response (MDR)
Healthcare Orgs: Do You Need an Outsourced SOC?
Learn how your healthcare organization can benefit from cybersecurity managed services and an outsourced SOC.
2 min
DFIR
VeloCON 2023: Submissions Wanted!
Our 2nd annual VeloCON virtual summit will be held this September, and the call for presentations closes Monday, July 17, 2023.
2 min
Cloud Security
Casting a Light on Shadow IT in Cloud Environments
Shadow IT typically refers to the use of consumer apps or services without explicit IT approval. However, it can also occur at a cloud infrastructure level.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 5/19/23
Fetch Based Payloads: Making the Path from Command Injection to Metasploit Session Shorter
This week we’re releasing Metasploit fetch payloads. Fetch payloads are
command-based payloads that leverage network-enabled applications on remote
hosts and different protocol servers to serve, download, and execute binary
payloads. Over the last year, two thirds of the exploit modules landed to
Metasploit Framework were command injection exploits. These exploits will be
much easier to write with our new
3 min
InsightCloudSec
Introducing: ‘Saved Filters’ in InsightCloudSec
New InsightCloudSec release includes "Saved Filters" capability, which lets users save filter combinations they use regularly.
5 min
Managed Detection and Response (MDR)
Rapid7 Recognized as a Strong Performer in The Forrester Wave™ for MDR, Q2 2023
Rapid7 is proud to be recognized amongst the top 13 vendors, as a Strong Performer, in The Forrester Wave™: Managed Detection and Response, Q2 2023.
2 min
Emergent Threat Response
CVE-2023-27350: Ongoing Exploitation of PaperCut Remote Code Execution Vulnerability
CVE-2023-27350 is an unauthenticated remote code execution vulnerability in PaperCut MF/NG print management software. A patch is available for this vulnerability and should be applied on an emergency basis.
4 min
Metasploit
Metasploit Wrap-Up: May 12, 2023
New modules for Zyxel Router RCE, Pentaho Business Server Auth Bypass, ManageEngine ADAudit authenticated file write RCE, and HTTPTrace functionality added to scanner modules
1 min
Lost Bots
[The Lost Bots] S03E03. The Rise of The Machines
In this episode of The Lost Bots, Rapid7's Jeffrey Gardner and Stephen Davis discuss the state of AI today and where it's going.
9 min
DFIR
The Velociraptor 2023 Annual Community Survey
Rapid7's Velociraptor team distributed our first community survey in early 2023. Here's what we learned!
9 min
Vulnerability Management
Patch Tuesday - May 2023
A relatively light 49 vulnerabilities patched in May 2023, including a new entry method for BlackLotus bootkit malware.
3 min
Metasploit
Metasploit Weekly Wrap-Up: May 5, 2023
Throw another log on the fire
Our own Stephen Fewer authored a module targeting CVE-2023-26360
affecting ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update
15 and earlier. The vulnerability allows multiple paths to code execution, but
our module works by leveraging a request that will result in the server
evaluating the ColdFusion Markup language on an arbitrary file on the remote
system. This all
11 min
Penetration Testing
AppDomain Manager Injection: New Techniques For Red Teams
This article details a variety of ways to perform and utilize AppDomain Manager Injection during red team operations.