3 min
Cloud Security
Hallmark Channel: Securing the Season
In 2021, Hallmark Channel finished as the number one network among “women 18 and above”, which led to $147.8 million in revenue generated from holiday programming alone. It’s safe to assume the company doesn’t want intellectual property (IP) theft cutting into those kinds of returns.
4 min
Cloud Security
Cloud Security and Compliance Best Practices: Highlights From The CSA Cloud Controls Matrix
In this blog post, we’ll dive into one of the most commonly-used cloud security standards for large, multi-cloud environments: the CSA Cloud Controls Matrix (CCM).
2 min
Emergent Threat Response
CVE-2022-41080, CVE-2022-41082: Rapid7 Observed Exploitation of `OWASSRF` in Exchange for RCE
Since December 20, 2022, Rapid7 has responded to an increase in the number of Microsoft Exchange server compromises. Further investigation aligned these attacks with what CrowdStrike is reporting as “OWASSRF”.
4 min
Vulnerability Disclosure
Cengage LTI Session Management Leakage
Cengage, an education technology provider in use in many higher education environments primarily in the United States, had two issues in the way it handled session management over its Learning Tools Integration (LTI) pipeline.
3 min
Cybersecurity
ICYMI: 10 Cybersecurity Acronyms You Should Know in 2023
Cybersecurity is acronym-heavy to say the least. If you’re reading this, you already know. However, even the nerdiest among us miss a few. So, here are 10 cybersecurity acronyms you should know in 2023.
1 min
Lost Bots
[The Lost Bots] S02E06: Play “Experts or Scuttlebutt?” With Us
As the year winds down, we collected predictions that were made for 2022, and new ones for 2023. Then, we asked our Rapid7 colleagues to decide if the prediction was made by a cybersecurity expert—or if it was scuttlebutt.
4 min
Metasploit
Metasploit Weekly Wrap-Up: 12/16/22
A sack full of cheer from the Hacking Elves of Metasploit
It is clear that the Metasploit elves have been busy this season: Five new modules, six new enhancements, nine new bug fixes, and a partridge in a pear tree are headed out this week! (Partridge nor pear tree included.) In this sack of goodies, we have a gift that keeps on giving: Shelby’s Acronis TrueImage Privilege Escalation works wonderfully, even
4 min
Cloud Security
Spoiler Alert: Your Favorite Content Might Not Be Secure
In this blog, we look at the macro issue of the entertainment business shifting to a streaming-first focus and the increased need for content and IP security.
3 min
Compliance
Cloud Audit: Compliance + Automation
Today’s regulatory environment is incredibly fractured and extensive. However, deploying a cloud security posture management (CSPM) tool can ease the administrative burden associated with staying in compliance.
1 min
Emergent Threat Response
CVE-2022-27518: Critical Fix Released for Exploited Citrix ADC, Gateway Vulnerability
On Tuesday, December 13, 2022, Citrix published the Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27518, announcing fixes for a critical unauthenticated remote code execution (RCE) vulnerability.
6 min
Vulnerability Management
Patch Tuesday - December 2022
48 new CVEs (plus 24 affecting Chromium-based Edge) published by Microsoft, including two zero-day vulnerabilities, one of which has been seen actively exploited.
4 min
Cybersecurity
Tis the Season to Be Wary: Three Holiday Shopping Scams To Watch For
The holiday season is a potential goldmine for scammers. Thankfully, if you know what to look for it's relatively easy to stay safe.
2 min
Emergent Threat Response
CVE-2022-42475: Critical Unauthenticated Remote Code Execution Vulnerability in FortiOS; Exploitation Reported
Today, FortiGuard Labs published advisory FG-IR-22-398 regarding a “heap-based buffer overflow vulnerability in FortiOS SSL-VPN.” FortiGuard Labs has confirmed at least one instance of the vulnerability being exploited in the wild.
1 min
Rapid7 Culture
Rapid7 Recognized as a Top Place to Work for 11th Consecutive Year
On November 30th, 2022, Rapid7 was again recognized by The Boston Globe as a Top Place to Work in Massachusetts. This marks the 11th consecutive year Rapid7 has made the list, this time coming in at #3 in the large company category.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 12/9/22
Login brute-force utility
Jan Rude added a new module that gives users the ability to brute-force login for Linux Syncovery. This expands Framework's capability to scan logins to Syncovery, a popular web GUI for backups.
WordPress extension SQL injection module
Cydave, destr4ct, and jheysel-r7 contributed a new module that takes advantage of a vulnerable WordPress extension. Thi