2 min
Research
A Deep Dive into Reversing CODESYS
This white paper offers a technical deep dive into PLC protocols and how to safely scan CODESYS-based ICS networking stacks.
2 min
Rapid7 Culture
Rapid7 and USF: Building a diverse cybersecurity workforce is not optional
Rapid7 and the University of South Florida (USF) have announced a joint research lab aimed at increasing diversity in the cybersecurity workforce.
4 min
Metasploit
Metasploit Weekly Wrap-Up: 2/10/23
Taking a stroll down memory lane (Tomcat Init Script Privilege Escalation)
Do you remember the issue with Tomcat init script that was originally discovered
by Dawid Golunski back in 2016 that
led to privilege escalation? This week's Metasploit release includes an exploit
module for CVE-2016-1240 by h00die . This
vulnerability allows any local users who already have tomcat accounts to perform
privilege escalation and gain acc
2 min
Research
Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974
Rapid7 research has found that nearly 19,000 ESXi servers likely remain vulnerable to CVE-2021-21974, which is being exploited in the ESXiArgs campaign.
5 min
Research
Evasion Techniques Uncovered: An Analysis of APT Methods
DLL search order hijacking and DLL sideloading are commonly used by nation state sponsored attackers to evade detection.
4 min
InsightIDR
Year In Review: Rapid7 InsightIDR
In 2022, We worked with our most forward-deployed practitioners to develop address detection and response pain points and meet specific goals.
2 min
Rapid7 Culture
Rapid7 Recognized on Bloomberg Gender Equality Index, Continues Commitments to Support DEI
For the fifth year in a row, Rapid7 has been included in the Bloomberg Gender Equality Index.
2 min
Emergent Threat Response
CVE-2022-21587: Rapid7 Observed Exploitation of Oracle E-Business Suite Vulnerability
Emergent threats evolve quickly, and as we learn more about this vulnerability,
this blog post will evolve, too.
Rapid7 is responding to various compromises arising from the exploitation of
CVE-2022-21587 , a critical
arbitrary file upload vulnerability (rated 9.8 on the CVSS v3 risk metric)
impacting Oracle E-Business Suite (EBS). Oracle published a Critical Patch
Update Advisory in
Octob
13 min
Vulnerability Disclosure
Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)
Rapid7 has discovered, and is now disclosing, eight XSS issues affecting four on-premises document management systems. As of this disclosure, none have patches available.
2 min
Emergent Threat Response
CVE-2023-22501: Critical Broken Authentication Flaw in Jira Service Management Products
Atlassian has published an advisory for CVE-2023-22501, a critical broken authentication vulnerability affecting Jira service management products.
2 min
Emergent Threat Response
Ransomware Campaign Compromising VMware ESXi Servers
Hosting provider OVH and French CERT has issued a warning about a ransomware campaign that appears to be using CVE-2021-21974 to target VMware ESXi servers.
4 min
Metasploit
Metasploit Weekly Wrap-Up: 2/2/23
Metasploit 6.3 is out!
Earlier this week we announced the release of Metasploit 6.3 which came with a
tonne of new modules and improvements.
The whole team worked super hard on this and we're very excited that everyone
can now get their hands on it and all of the new features it has to offer!
I won't go over everything we did here because we have a whole separate blog
post
dedicated to the 6.3 release that you shou
3 min
Emergent Threat Response
Exploitation of GoAnywhere MFT zero-day vulnerability
A warning has been issued about an actively exploited zero-day vulnerability affecting on-premise instances of Fortra’s GoAnywhere MFT.
9 min
Application Security
Troubleshooting InsightAppSec Authentication Issues
This article details common issues with macro, traffic, and selenium authentication and details how to troubleshoot them.
2 min
Detection and Response
XDR, the Beatles, and Blunt Instruments
The average security team is now managing 76 tools. If you are in that boat and looking to consolidate, our new XDR Buyers Guide can help.