2 min
Metasploit
Metasploit Weekly Wrap-Up 09/06/2024
Honey, I shrunk the PHP payloads
This release contains more PHP payload improvements from Julien Voisin. Last
week we landed a PR from Julien that added a datastore option to the php/base64
encoder that, when enabled, uses zlib to compress the payload, which
significantly reduces the size, bringing a payload of 4040 bytes down to a mere
1617 bytes. This week's release includes a php/minify encoder which removes all
unnecessary characters from the payload including comments, empty lines, leadin
17 min
Vulnerability Disclosure
CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)
Apache OFBiz below 18.12.16 is vulnerable to unauthenticated remote code execution (CVE-2024-45195) on Linux and Windows. Exploitation is facilitated by bypassing previous patches.
4 min
Metasploit
Metasploit Weekly Wrap-Up 08/30/2024
A New Way to Encode PHP Payloads
A new PHP encoder has been released by a community contributor, jvoisin, allowing a PHP payload to be encoded as an
ASCII-Hex string. This can then be decoded on the receiver to prevent issues
with unescaped or bad characters.
Ray Vulnerabilities
This release of Metasploit Framework also features 3 new modules to target
ray.io, which is a framework for distributing AI-related workloads across
multiple machines, which makes it an exce
1 min
Events
Command with Confidence: Insights from Andrew Bustamante
At the recent Take Command Summit, former CIA intelligence officer and US Air Force combat veteran Andrew Bustamante shared valuable tools, tactics, and techniques from elite intelligence agencies with Rapid7’s Americas Field CTO Jeffrey Gardner in an informal chat.
2 min
InsightCloudSec
Assessing Container Images Across Private Registries with InsightCloudSec
As the adoption of container technology has grown, so too has the importance of securing these environments.
1 min
Metasploit
Metasploit Weekly Wrap-Up 08/23/2024
New module content (3)
Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)
Authors: Michael Heinzl and Tenable
Type: Auxiliary
Pull request: #19373 contributed by h4x-x0r
Path: admin/http/fortra_filecatalyst_workflow_sqli
AttackerKB reference: CVE-2024-5276
Description: This adds an auxiliary module to exploit CVE-2024-5276, a SQL
inj
2 min
Events
Key Takeaways From The Take Command Summit: Navigating New SEC Cybersecurity Disclosure Rules
Understanding and complying with the new SEC Cybersecurity Disclosure Rules is a daunting task for many organizations. The Rapid7 Take Command Summit provided an in-depth look at these regulations, offering valuable guidance for cybersecurity professionals.
4 min
Risk Management
Preparing for Unknown Risks: How to Better Prepare for Risks You Can't See Yet
On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behaviour amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity.
5 min
Ransomware
Selling Ransomware Breaches: 4 Trends Spotted on the RAMP Forum
The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks.
3 min
Gartner
5 Key Insights from the Gartner® Market Guide for Cloud-Native Application Protection Platforms (CNAPP)
The 2024 Gartner Market Guide for Cloud-Native Application Protection Platforms (CNAPP) provides invaluable insights into the latest trends and technologies that are reshaping how companies protect their digital assets.
2 min
Metasploit
Metasploit Weekly Wrap-Up 08/16/2024
New module content (3)
Apache HugeGraph Gremlin RCE
Authors: 6right and jheysel-r7
Type: Exploit
Pull request: #19348 contributed by jheysel-r7
Path: linux/http/apache_hugegraph_gremlin_rce
AttackerKB reference: CVE-2024-27348
Description: Adds an Apache HugeGraph Server exploit for GHSA-29rc-vq7f-x335
1 min
Events
Key Takeaways From The Take Command Summit: Enhancing Cybersecurity Culture
Building a resilient cybersecurity culture is crucial in today's digital landscape. The recent Rapid7 Take Command Summit session titled "Commander in Chief: Enhancing Cybersecurity Culture" offered valuable insights into fostering a strong security mindset within organizations.
4 min
Career Development
Brandon Adkins’ Career Journey - Taking Chances and Tackling New Challenges
Brandon Adkins is the Manager of our Threat Intelligence & Detection Engineering (TIDE) team. His career journey spans a variety of roles and teams where he has been able to showcase his technical skills in security.
4 min
Events
Black Hat USA 2024: Key Takeaways and Industry Trends
As is always the case at Black Hat 2024, the cybersecurity community was buzzing with the latest innovations and insights from their favorite vendors, industry speakers and training sessions.
15 min
Patch Tuesday
Patch Tuesday - August 2024
Heavy-hitting edition of PT with 10 zero-days. Windows Downdate downgrade attack, Windows WinSock EoP, Windows Kernel EoP, MotW bypass, and several others.