All Posts

6 min IoT

[IoT Security] Introduction to Embedded Hardware Hacking

Many security professionals and researchers are intrigued by the idea of opening up and exploring embedded technologies but aren’t sure where to start.

12 min Exploits

Stack-Based Buffer Overflow Attacks: Explained and Examples

Stack-based buffer overflow exploits are likely the shiniest and most common form of exploit for remotely taking over the code execution of a process.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 2/15/19

Crock-Pot cooking with Metasploit: Belkin's Wemo line of smart home devices offers users a variety of internet-connected gadgets and gizmos they can control around the home. One of those happens to be a Crock-Pot. We went ahead and bought one. Naturally, it made sense for us to write a module

9 min Research

Level Up Your Internet Intelligence Using the Rapid7 Open Data API and R

Let's take a look at how you can use ropendata in R to search for available studies, download datasets, and explore the data.

2 min Patch Tuesday

Patch Tuesday - February 2019

Microsoft got back in the swing of things today after a couple of relatively light months, with over 70 separate CVEs being addressed. The usual suspects got patches, including Windows, Office, Browsers (including Adobe Flash), .NET Framework, SharePoint, Exchange, and another slew of JET Database Engi

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 2/8/19

Ubiquitous Devices: Our Rapid7 Labs team pulled the thread on some recent buzz around exploitable Ubiquiti devices, which led to a new scanner module (auxiliary/scanner/ubiquiti/ubiquiti_discover.rb) from jhart-r7. This module uses a simple UDP protocol to identify potentially exploitable Ubiquiti devices on your network, a

3 min Incident Detection

How to Alert on Rogue DHCP Servers

How to alert on rogue DHCP servers using network traffic as a data source. We look at how you can use Wireshark or LANGuardian to detect DHCP servers.

8 min Vulnerability Management

Understanding Ubiquiti Discovery Service Exposures

On Jan. 29, the Rapid7 Labs team was informed of a tweet by Jim Troutman indicating that Ubiquiti devices were being exploited and used to conduct denial-of-service attacks using a service on 10001/UDP.

4 min InsightVM

Did You Remediate That? How to Integrate Vulnerability Remediation Projects with Your IT Infrastructure

Remediation projects in InsightVM enable you to follow a vulnerability remediation task from beginning to end by leveraging automation-assisted patching.

4 min Automation and Orchestration

How Security Orchestration & Automation Can Add Immediate Value

Thanks to security orchestration and automation (SOAR), it is possible to work efficiently with the resources you already have.

3 min Threat Intel

What Really Happened to the Dark Web Insider Trading Forum KickAss?

The dark web forum KickAss was apparently seized by the US government, but there is much speculation over what really happened.

3 min Research

Cisco RV320/RV325 Router Unauthenticated Configuration Export Vulnerability (CVE-2019-1653): What You Need to Know

Last week, a critical configuration weakness in Cisco® routers was responsibly disclosed on the Full Disclosure mailing list. Here's what you need to know.

4 min Penetration Testing

Why a 17-Year Veteran Pen Tester Took the OSCP

Why would a 17-year veteran penetration tester undergo the somewhat costly, time-consuming, and challenging ordeal to obtain what may be considered an entry-level certification?

2 min Metasploit

Metasploit Wrapup 1/25/19

Hi everyone! For those in the US, hope you all had a great MLK weekend. We have a pretty light release due to the holiday, but we still have some cool stuff in the house. Check it out!

3 min Detection and Response

PHP Extension and Application Repository (PEAR) Compromise: What You Need to Know

According to the PHP Extension and Application Repository (PEAR), a security breach had been found on the `pear.php.net` web server.