3 min
InsightAppSec
How Our New Jenkins Integration for InsightAppSec Enables DevSecOps Collaboration
Rapid7 is excited to announce the release of an integration to integrate InsightAppSec within Jenkins to improve release cycles and reduce vulnerabilities.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 11/15/19
Pulse Secure VPN exploit modules, a notable BlueKeep exploit reliability improvement, and an overhaul of MSF's password cracking integration, including new support for hashcat.
3 min
Public Policy
What Is Texas Senate Bill 820, and How Will It Affect Your School District?
In this post, we share how SB 820 will affect your school and district, and how you can respond by selecting a framework to improve your security program.
6 min
We Don’t Want White Font: Office Macros, Evasion, and Malicious Self-Reference
We identified the use of a document that leverages malformed headers, white fonts, and embedded VBA macros that execute the document’s contents via WScript.
5 min
Security Operations (SOC)
How to Develop a Common Language for Security Buy-In Across Your Business
In this blog, we break-down what keeps organizations from advancing their security programs, and how businesses can establish security priorities.
3 min
Patch Tuesday
Patch Tuesday - November 2019
November's Patch Tuesday is upon us and, this month, Microsoft addressed 74
vulnerabilities of which one Internet Explorer vulnerability (CVE-2019-1429
) has been seen under active exploitation. By prioritizing the released
Microsoft Windows and Internet Explorer patches, the door to 58 of the 74
vulnerabilities will be closed off. Also, for the second month in a row, this
Patch Tuesday sees an absent security upd
3 min
IoT
IoT Security and Risk: What Is It, Where Is It Heading, and How Do We Embrace It?
In this blog, we discuss what security professionals should be doing to secure their IoT devices and where companies often go wrong with IoT security.
4 min
InsightIDR
Be Audit You Can Be, Part 2: How to Parse Out Fields in Your Logs
In this blog, we take a look at how InsightIDR’s Custom Data Parsing tool can make quick work of parsing out those interesting fields in the logs.
2 min
Metasploit
Metasploit Wrap-Up: Nov. 8, 2019
Config R Us
Many versions of network management tool rConfig are vulnerable to
unauthenticated command injection, and contributor bcoles
added a new exploit module
for targeting those
versions. Present in v3.9.2 and prior, this vulnerability centers around the
install directory not being automatically cleaned up following software
installation, leaving behind a PHP file that can be utilized to execute
arbitr
2 min
#Rapid7GivesBack Month: Moose That Drive Impact Together
At Rapid7, we are committed to giving back to the community and making an impact together through #Rapid7GivesBack month.
4 min
InsightVM
The Anatomy of RDP Exploits: Lessons Learned from BlueKeep and DejaBlue
In this blog, we discuss lessons learned from RDP exploits such as BlueKeep and DejaBlue, and how organizations can be protected form future vulnerabilities.
5 min
InsightAppSec
New Azure DevOps Pipelines Extension for InsightAppSec Helps Improve Web App Security
Rapid7 is excited to announce the release of a new extension to incorporate InsightAppSec within Azure DevOps Pipelines.
10 min
Detection and Response
Unlocking the Power of the InsightIDR Threat API, Part 2
In this post, we’ll demonstrate how to scrape a few sites for possible bad actors using InsightIDR.
1 min
Metasploit
Metasploit Wrap-Up 11/1/19
This week's Metasploit wrap-up ships a new exploit module against Nostromo, a
directory traversal vulnerability that allows system commands to be executed
remotely. Also, improvements have been made for the grub_creds module for better
post exploitation experience against Unix-like machines. Plus a few bugs that
have been addressed, including the -s option for NOPs generation, the
meterpreter prompt, and reverse_tcp hanging due to newer Ruby versions.
New modules (1)
* Nostromo Directory Trave
3 min
Podcast
From Security Police to Security Advocates: How to Create a Champion Program
In our most recent episode of Security Nation, we had the pleasure of speaking with Mark Geeslin about his work creating an internal Security Mavens program at Asurion.