4 min
Compliance
Rapid7 Makes Security Compliance Complexity a Thing of the Past With InsightIDR
Here are three ways InsightIDR has been built to elevate and simplify your compliance processes.
3 min
Metasploit
Metasploit Wrap-Up: Aug. 26, 2022
Zimbra Auth Bypass to Shell
Ron Bowes added an exploit module
that targets
multiple versions of Zimbra Collaboration Suite. The module leverages an
authentication bypass (CVE-2022-37042) and a directory traversal vulnerability
(CVE-2022-27925) to gain code execution as the zimbra user. The auth bypass
functionality correctly checks for a valid session; however, the function that
performs the check does not
1 min
Public Policy
Incident Reporting Regulations Summary and Chart
A growing number of regulations require organizations to report cybersecurity incidents. This chart summarizes 11 proposed and current cyber incident reporting regulations and breaks down their common elements, such as who must report, what incidents must be reported, deadlines, and more.
1 min
Lost Bots
[The Lost Bots] S02E03: Browser-in-Browser Attacks — Don't Get (Cat)-Phished
In this Lost Bots episode, our hosts talk phishing — not the everyday kind, but a new technique known as browser-in-browser attacks.
2 min
Security Operations (SOC)
Cybersecurity Analysts: Job Stress Is Bad, but Boredom Is Kryptonite
Repetitive tasks are a big part of a cybersecurity analyst’s day. But combining monotony with the need for attentiveness can be kryptonite.
9 min
Public Policy
Avoiding Smash and Grab Under the SEC’s Proposed Cyber Rule
The SEC proposed a rule to require companies to publicly report cybersecurity incidents. This post explains why public disclosure of an incident before mitigation or containment raises the risk of harm, and suggests a solution that avoids harm while still promoting disclosure.
3 min
Threat Intel
Network Access for Sale: Protect Your Organization Against This Growing Threat
Vulnerable network access points are a potential gold mine for threat actors. We look at the techniques they use and best practices for prevention.
3 min
Metasploit
Metasploit Wrap-Up: 8/19/22
Advantech iView NetworkServlet Command Injection
This week Shelby Pace has developed a new exploit
module for CVE-2022-2143
. This
module uses an unauthenticated command injection vulnerability to gain remote
code execution against vulnerable versions of Advantech iView software below
5.7.04.6469. The software runs as NT AUTHORITY\SYSTEM, granting the module user
unauthenticated privileged access
4 min
Research
Pushing Open-Source Security Forward: Insights From Black Hat 2022
Here's a look at two Rapid7 researchers' presentations from Black Hat 2022, and how their efforts are helping push open-source security forward.
3 min
Detection and Response
360-Degree XDR and Attack Surface Coverage With Rapid7
Leverage InsightIDR, Threat Command, and InsightConnect to unlock a complete view of your attack surface with unmatched signal to noise.
1 min
Rapid7 Culture
Leading the Way in Tampa
It's an exciting time to be a part of the tech scene in Tampa, and Rapid7 is smack in the middle.
4 min
Emergent Threat Response
Active Exploitation of Multiple Vulnerabilities in Zimbra Collaboration Suite
Five vulnerabilities affecting Zimbra Collaboration Suite have come to our attention, one that is unpatched and four that are actively being exploited.
3 min
Application Security
Are Your Apps Exposed? Know Faster With Application Discovery in InsightAppSec
InsightAppSec's new application discovery feature, powered by Rapid7's Project Sonar, helps security teams know what apps are exposed to the internet.
2 min
Events
[VIDEO] An Inside Look at Black Hat 2022 From the Rapid7 Team
Here's a look at the highlights from Black Hat 2022 in Las Vegas, as told by three of our Rapid7 team members who attended.
3 min
Metasploit Weekly Wrapup
Metasploit Weekly Wrap-Up: 8/12/22
Putting in the work!
This week we’re extra grateful for the fantastic contributions our community
makes to Metasploit. The Metasploit team landed more than 5 PRs each from Ron
Bowes and bcoles ,
adding some great new capabilities.
Ron Bowes contributed four new modules targeting
UnRAR, Zimbra, and ManageEngine ADAudit Plus. These modules offer Metasploit
users some excellent new vectors to leverage against