1 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 7/26/19
First!!
Congrats to Nick Tyrer for the first community-contributed evasion module to
land in master. Nick's evasion/windows/applocker_evasion_install_util module
leverages the trusted InstallUtil.exe binary to execute user-supplied code and
evade application whitelisting.
New modules (4)
* WP Database Backup RCE by Mikey Veenstra / Wordf
3 min
Cloud Infrastructure
Why the Modern SIEM Is in the Cloud
Let’s talk about why modern SIEM is in the cloud, what core benefits you can expect, and how it is predicted to evolve as we soar toward 2020.
2 min
InsightVM
Ensuring Timely Remediation of Security Risks with Service-Level Agreements (SLAs) in InsightVM
Rapid7 makes it easy for you to set up and track service-level agreements (SLAs) in InsightVM.
4 min
Application Security
Beyond Static Rules: WAF vs. RASP for Better Web Application Security
In this blog post, we’ll discuss the differences between traditional web application firewalls (WAFs) and runtime application self-protection (RASP).
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 7/19/19
RCE with a Key
An exploit module for Laravel Framework was submitted by community contributor
aushack. The module targets an insecure unserialize call with the X-XSRF-TOKEN
HTTP request header, which was discovered by Ståle Pettersen. Since the exploit
requires the Laravel APP_KEY to reach the vulnerable unserialize call, aushack
included information leak
3 min
Podcast
Why Having the Right Team Is Vital to Advancing Security
On this week's episode of Security Nation, we caught up with David Rogers about his recent royal recognition and how he credits his team for his success.
1 min
Metasploit
End of Sale Announced for Metasploit Community
Today we are announcing end of sale for Metasploit Community Edition, effective immediately.
4 min
Cloud Infrastructure
Your Guide to Securing Multi-Cloud Environments in an IaaS World
In this post, we’ll cover the unique challenges with securing cloud environments, and some best practices specifically focused on securing multi-cloud infrastructure.
3 min
Events
Metasploit Open Source Office Hours: Vegas 2019
The Metasploit crew at Rapid7 is headed out to Las Vegas for DEF CON 27,
bringing a new incarnation of the Open Source Security Meetup (OSSM) with us! We
will have a Metasploit Suite at Bally’s this year, where we’ll be hosting “Open
Source Office Hours” (OSOH). If you’ll be out in Vegas for DEF CON 27, take a
moment and ask yourself:
* Are you currently working on a Metasploit module/payload and could use some
guidance?
* Are you modifying Framework and you’d like to discuss?
* Are you w
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 7/12/19
We hope our American friends had a wonderful Fourth of July weekend! There are
no new modules this week, so instead we're featuring two enhancements that fix
some long-outstanding Framework bugs. Check out last week’s holiday wrap-up for
a list of the modules that landed while the U.S. was watching fireworks.
GatherProof (or don't)
Using ssh_login* on certain non-standard devices such as Brocade switches and
Juniper firewalls
9 min
Vulnerability Management
So, You Think You Can Query?
In this blog, we are going to explore the basics of how to make queries in our cloud-based vulnerability management solution, InsightVM.
3 min
Vulnerability Disclosure
Zoom Video Snooping Security Flaw (CVE-2019-13450): What You Need to Know
Here's what you need to know about the recent Zoom vulnerability disclosure.
4 min
InsightIDR
Securing Your Cloud Environments with InsightIDR, Part 2: Amazon Web Services (AWS)
In this blog, we will talk about threat detection for the world’s most popular cloud host, Amazon Web Services (AWS).
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 7/5/19
Injecting the Time Machine
From contributor timwr comes a new module targeting
Time Machine on macOS 10.14.3 and earlier. Specifically, the tmdiagnose binary
for these vulnerable versions suffers from a command injection vulnerability
that can be exploited via a specially crafted disk label. This new module uses
an existing session for exploitation on the target, allowing the Framework user
to run a payload as root.
What’s on TV?
If you are near a vulnerable Supr
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 6/28/19
I am Root
An exploit module for Nagios XI v5.5.6 was added by community contributor
yaumn. This module includes two exploits chained together to achieve code
execution with root privileges, and it all happens without authentication. A
single unsanitized parameter in magpie_debug.php makes it possible to write
arbitrary PHP code to a publicly accessible directory and get code execution.
Privilege escalation