All Posts

2 min Metasploit

Metasploit Wrap-Up: Feb. 7, 2020

In the week after our CTF, we hope the players had a good time and got back to their loved ones, jobs, lives, studies, and most importantly, back to their beds (and you can find out who the winners were here!). For the Metasploit team, we went back to baking up fresh, hot modules and improvements that remind us in this flu season to not just wash your hands, but also, sanitize your inputs! SOHOwabout a Shell? Several

3 min InsightConnect

InsightConnect Customer Hendrick Automotive Group Benefits from Integrations and Alert Triggers

We spoke with Hendrick Automotive Group’s director of information security about his experience with InsightConnect and its connection to InsightIDR.

2 min InsightCloudSec

Security Isn’t a Four-Letter Word: How Infrastructure as Code (IaC) Amplifies DevOps Through the Inclusion of Security

Our fast-paced lives are fueled by innovative, cloud-native companies. We are able to watch our favorite programs and movies from anywhere in the world on any device. We are able to collaborate with our colleagues on an upcoming presentation, regardless of whether we’re in the office or at home.

4 min AWS

How to Identify, Prioritize and Remediate Vulnerabilities in the Cloud

In part two of our series on security in the cloud, we’ll discuss how to detect, prioritize, and remediate vulnerabilities that you find in your cloud environment.

5 min Research

DOUBLEPULSAR over RDP: Baselining Badness on the Internet

How many internet-accessible RDP services have the DOPU implant installed? How much DOPU-over-RDP traffic do we see being sprayed across the internet?

22 min Research

DOUBLEPULSAR RCE 2: An RDP Story

In this sequel, wvu recounts the R&D (in all its imperfect glory) behind creating a Metasploit module for the DOUBLEPULSAR implant's lesser-known RDP variant. If you're unfamiliar with the more common SMB variant, you can read our blog post detailing how we achieved RCE with it. Table of Contents 0. Background 1. Extracting the implant 2. Installing the implant 3. Pinging the implant 4.

2 min Metasploit

Congrats to the Winners of the 2020 Metasploit Community CTF

After four days of competition and a whole lot of “trying harder,” we have the winners of this year's Metasploit community CTF. We've included some high-level stats from the game below; check out the scoreboard here. If you played the CTF and want to let the Metasploit team know which challenges you found exhilarating, interesting, or infuriating (in a good way, of course), we have a feedback surve

3 min Penetration Testing

What You Need to Know to Get Started in the Penetration Testing Field

In this blog, we sat down with our own penetration testers to answer some of your questions to help get you started in the field.

2 min Metasploit

Metasploit Team Announces Beta Sign-Up for AttackerKB

AttackerKB is a knowledge base of vulnerabilities and informed opinions on what makes them valuable (or not) targets for exploitation.

5 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 1/31/20

Happy CTF week, folks! If you haven't already been following along with (or competing in) Metasploit's global community CTF, it started yesterday and runs through Monday morning U.S. Eastern Time. Registration has been full for a while, but you can join the #metasploit-ctf channel on Slack to participate in the joy and frustration vicariously. This week's Metasploit wrap-up takes a look back at work done

3 min Vulnerability Management

How to Measure the ROI of Your Vulnerability Risk Management Solution

In this blog, we discuss the seven key criteria you should consider when picking and measuring the efficacy of a vulnerability management solution.

2 min Vulnerability Disclosure

R7-2019-40: Bloomsky SKY2 Weather Camera Station Data Authenticity and Exposure Vulnerabilities

Multiple information leak vulnerabilities are present in the Bloomsky SKY2 network, obtainable via JSON queries.

4 min Government

An update on trade

In light of recent activity on US trade agreements, here is a quick update on developments with regard to US-China, US-Mexico-Canada, and US-Japan. This summary focuses on technology and cybersecurity-related issues affecting private enterprises.

8 min InsightIDR

How to Analyze Your Log Data Using the Log Search API in InsightIDR

In this blog, we discuss how to analyze your log data using InsightIDR's Log Search API.

3 min Metasploit

Metasploit Wrap-up: 1/24/20

Transgressive Traversal Contributor Dhiraj Mishra authored a neat Directory Traversal module targeted at NVMS-1000 Network Surveillance Management Software developed by TVT Digital Technology. Permitting the arbitrary downloading of files stored on a machine running compromised software, this module becomes all the more attractive when you consider it's providing