4 min
Detection and Response
What’s New in Rapid7 Detection & Response: Q2 2023 in Review
Rapid7 is excited to share another quarter of new Detection & Response capabilities and improvements.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 7/7/23
Apache RocketMQ
We saw some great teamwork this week from jheysel-r7
and h00die to bring
you an exploit module for CVE-2023-33246
.
In Apache RocketMQ version 5.1.0 and under, there is an access control issue
which the module leverages to update the broker's configuration file without
authentication. From here we can gain remote code execution as whichever user is
ru
2 min
Reports
The Japanese Automotive Industry Attack Landscape
We also took a look at some of the hardest hit industries and it should come as no surprise that some of the most commonly attacked companies are in industries where Japan currently excels on a global scale
3 min
Penetration Testing
PenTales: “User enumeration is not a vulnerability” – I beg to differ
In this series, we’re going to share some of our favorite tales from the pen test desk and hopefully highlight some ways you can improve your own organization’s security.
2 min
Security Operations
Showcasing SecOps Metrics That Matter
Our latest ebook, Presenting Upward: How to Showcase SecOps Metrics That Matter offers practical and actionable advice on how to present security metrics in a language execs understand.
3 min
Partners
Alerting Rules: InsightIDR Raises the Bar for Visibility and Coverage
Rapid7 user George Schneider of Listrak discusses why InsightIDR has become an essential resource for maintaining the company's security posture.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 6/30/23
Nothing but .NET?
Smashery continues to… smash it by updating our .NET assembly execution module.
The original module allowed users to run a .NET exe as a thread within a process
they created on a remote host. Smashery’s improvements let users run the
executable within a thread of the process hosting Meterpreter and also changed
the I/O for the executing thread to support pipes, allowing interaction with the
spawned .NET thread, even when the other process has control over STDIN and
STDOUT. The
4 min
Vendor Consolidation
Four Signs You Need to Consolidate Your Tech Stack
Learn how consolidation can improve productivity, visibility, and reporting as well as bridge staff resourcing gaps.
4 min
Vulnerability Management
What’s New in InsightVM and Nexpose: Q2 2023 in Review
In Q2, InsightVM and Nexpose got an improved UI for the Console, custom policy for Agent-Based assessment, a new dashboard card, and more.
2 min
MSSP
Rapid7 Solutions for Partners
Rapid7's unified security operations technology platform makes it easy for MSSPs to build services around an array of security solutions.
3 min
Attack Surface Management
The Japanese Threat Landscape: A Report on Cyber Threats in the Third Largest Economy on Earth
In this new report, Rapid7 analyzes Japan’s threat landscape and some of the largest cyber concerns affecting Japanese organizations.
1 min
Cloud Security
Standardizing SaaS Data to Drive Greater Cloud Security Efficacy
We are excited to announce availability of AWS AppFabric integration for InsightIDR. AWS AppFabric normalizes application data into the OCSF format.
3 min
Cloud Security
Uncover and Remediate Toxic Combinations with Attack Path Analysis
Attack Path Analysis enables users to quickly identify potential avenues that bad actors could use to access and navigate your cloud environment.
2 min
Metasploit
Metasploit Weekly Wrap-Up: 6/23/23
I like to MOVEit, MOVEit, We like to MOVEit!
Party hard just like it's Mardi Gras! bwatters-r7
delivered the dance moves this week with a
masterful performance. The windows/http/moveit_cve_2023_34362 module is
available for all your party needs, taking advantage of CVE-2023-34362
, this
module gets into the MOVEit database and nets shells to help you "Keep on
jumpin' off the floor"!
New modul
22 min
Vulnerability Disclosure
Multiple Vulnerabilities in Fortra Globalscape EFT Administration Server [FIXED]
Rapid7 has uncovered four issues in Fortra Globalscape EFT, the worst of which can lead to remote code execution.