3 min
Emergent Threat Response
Fortinet FortiManager CVE-2024-47575 Exploited in Zero-Day Attacks
On Wednesday, October 23, 2024, security company Fortinet published an advisory on CVE-2024-47575, a critical zero-day vulnerability affecting their FortiManager network management solution.
3 min
Metasploit
Metasploit Weekly Wrap-Up 10/18/2024
ESC15: EKUwu
AD CS continues to be a popular target for penetration testers and security
practitioners. The latest escalation technique (hence the ESC in ESC15) was
discovered by
Justin Bollinger with details being released just last
week. This latest configuration flaw has common issuance requirements to other
ESC flaws such as requiring no authorized signatures or manager approval.
Additionally, templa
4 min
Career Development
7 Rapid Questions on our Belfast Placement Programme: Orla Magee and Paddy McDermott
Software Engineers Orla Magee and Paddy McDermott share what the interview process looked like for them, along with impactful projects and advice for others exploring Rapid7’s Placement Programme.
5 min
Attack Surface Security
Understanding your Attack Surface: Different Approaches to Asset Discovery
In this post, we’ll delve into the process of discovering assets. We cannot secure what we cannot see, so getting this piece right is foundational to the success of your ASM program. This blog will explore four different methods of asset discovery, starting with the most basic: deployed software agents.
1 min
IoT
Root Access for Data Control: A DEF CON IoT Village Story
Our perennial IoT hacking presenter, Principal Security Researcher, IoT, Deral Heiland, along with Rapid7 pentest team members, showed attendees many methods of extracting firmware from IoT devices and manipulating the systems in the name of control and operations.
2 min
Rapid7 Culture
Test Driving a New Benefit Programme in Belfast
Rapid7’s electric vehicle scheme was rolled out in late 2023 for Belfast employees. The programme enables employees to lease an electric car via their employer and pay for it on a salary sacrifice basis, offering substantial tax and national insurance savings.
13 min
Vulnerability Management
Patch Tuesday - October 2024
5 zero-days. Configuration Manager pre-auth RCE. RDP RPC pre-auth RPC. Winlogon EoP. Hyper-V container escape. curl 0-day RCE late patch. Management console zero-day RCE. Windows 11 lifecycle changes.
2 min
Metasploit
Metasploit Weekly Wrap-Up 10/04/2024
New module content (3)
cups-browsed Information Disclosure
Authors: bcoles and evilsocket
Type: Auxiliary
Pull request: #19510
contributed by bcoles
Path: scanner/misc/cups_browsed_info_disclosure
Description: Adds scanner module to retrieve CUPS version and kernel version
information from cups-browsed services.
Acronis Cyber Infrastructure default password remote code execution
Authors: Acronis Internatio
5 min
Attack Surface Security
The Main Components of an Attack Surface Management (ASM) Strategy
In part one of this blog series, we looked at some of the core challenges that are driving the demand for a new approach to Attack Surface Management. In this second blog I explore some of the key technology approaches to ASM and also some of the core asset types we need to understand.
7 min
Labs
Ransomware Groups Demystified: CyberVolk Ransomware
As part of our ongoing efforts to monitor emerging cyber threats, we have analyzed the activities of CyberVolk, a politically motivated hacktivist group that transitioned into using ransomware and has been active since June 2024.
4 min
Vulnerability Management
Modernizing Your VM Program with Rapid7 Exposure Command: A Path to Effective Continuous Threat Exposure Management
This is where continuous threat exposure management (CTEM) comes into play – an approach that shifts the focus from merely identifying vulnerabilities to understanding and mitigating exposures across the entire attack surface.
7 min
Product Updates
What’s New in Rapid7 Products & Services: Q3 2024 in Review
This was one of the most exciting quarters at Rapid7 as we announced the next chapter in our mission to give customers command of their attack surface: the Rapid7 Command Platform, our unified threat exposure and detection and response platform.
3 min
Attack Surface Security
Proactive Visibility Is Foundational to Strong Cybersecurity
Exposures are more than CVEs, so organizations need to move beyond the traditional thinking of vulnerability management to a holistic view.
3 min
Metasploit
Metasploit Weekly Wrap-Up 09/27/2024
Epic Release!
This week's release includes 5 new modules, 6 enhancements, 4 fixes and 1
documentation update. Among the new additions, we have an account takeover, SQL
injection, RCE, and LPE! Thank you to all the contributors who made it possible!
New Module Content (5)
Cisco Smart Software Manager (SSM) On-Prem Account Takeover (CVE-2024-20419)
Authors: Michael Heinzl and Mohammed Adel
Type: Auxiliary
Pull request: #19375
contribut
3 min
Emergent Threat Response
Multiple Vulnerabilities in Common Unix Printing System (CUPS)
Multiple unpatched vulnerabilities were publicly disclosed in the Common Unix Printing System (CUPS), a popular IPP-based open-source printing system.