所有的帖子

Metasploit每周总结2024年3月1日

Metasploit adds an RCE exploit for ConnectWise ScreenConnect 和 new documentation for exploiting ESC13.

How To Hunt For UEFI Malware Using 伶盗龙

UEFI threats have historically been limited in number 和 mostly implemented by 民族国家行为者是隐形的持久性. 然而，最近的扩散 of Black Lotus on the dark web, Trickbot enumeration module (late 2022), 和 Glupteba (November 2023) indicates that this historical trend may be changing. With this context, it is becoming important for security practitioners to underst和 visibility 和 collection capabilities for UEFI threats [http://tbnjtb.phyto-larme.net/info/underst和ing

4分钟 Metasploit

Metasploit每周总结2024年2月23日

LDAP捕获模块 Metasploit now has an LDAP capture module thanks to the work of JustAnda7 [http://github.com/JustAnda7]. 这项工作是作为…的一部分完成的谷歌代码之夏项目. When the module runs it will by default require privileges to listen on port 389. The module implements a default implementation for BindRequest, 搜索Request, UnbindRequest, 和 will capture both plaintext credentials 和 NTLM hashes which can be brute-forced offline. 收到成功的Bin

3分钟脆弱性管理

High-Risk Vulnerabilities in ConnectWise ScreenConnect

2月19日, 2024 ConnectWise disclosed two vulnerabilities in their ScreenConnect remote access software. 这两个漏洞都影响screenconnect23.9.7点及更早.

3分钟 InsightVM

Explanation of New Authenticated Scanning PCI DSS Requirement 11.3.1.PCI DSS V4中2个.0 和 how InsightVM can help meet the Requirement

As a Certified Qualified Security Assessor (QSA) company 和 a trusted Rapid7 partner, MegaplanIT is committed to guiding organizations through the complexities of compliance 和 security st和ards.

5分钟 Metasploit

Metasploit每周总结2024年2月16日

新的获取负载 It has been almost a year since Metasploit released the new fetch 有效载荷 [http://tbnjtb.phyto-larme.net/blog/post/2023/05/25/fetch-有效载荷-a-shorter-path-from-comm和-injection-to-metasploit-session/] 和 since then, 43 of the 79 exploit modules have had support for fetch 有效载荷. The original 有效载荷 supported transferring the second stage over HTTP, HTTPS和FTP. This week, Metasploit has expanded that protocol support to include SMB, allowing 有效载荷 to be run using rundll3

7分钟事件响应

RCE到silver:来自战场的IR故事

Rapid7 事件响应 was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source of multiple malware executions.

3分钟职业发展

Paving a Path to Systems Administration: Naeem Jones’ Journey with Rapid7

Prior to becoming a Systems Administrator at Rapid7, Naeem Jones entered his career in cybersecurity through the 黑客. 多样性计划. 黑客.

9分钟星期二补丁

补丁星期二- 2024年2月

Windows SmartScreen & Internet快捷方式. 局保护模式旁路. 交换关键的特权提升.

11分钟漏洞的披露

CVE-2023-47218: QNAP QTS 和 QuTS Hero Unauthenticated Comm和 Injection (FIXED)

Rapid7 has identified an unauthenticated comm和 injection 脆弱性 in the QNAP operating system known as QTS, a core part of the firmware for numerous QNAP entry- 和 mid-level Network Attached Storage (NAS) devices.

2分钟紧急威胁响应

Critical Fortinet FortiOS CVE-2024-21762 Exploited

CVE-2024-21762 is a critical out-of-bounds write 脆弱性 in Fortinet's FortiOS operating system that is known to have been exploited in the wild. Fortinet SSL VPN vulnerabilities are frequent targets for state-sponsored 和 other motivated adversaries.

2分钟 Metasploit

Metasploit每周总结，2024年2月9日

Go Go gadget Fortra GoAnywhere MFT模块 This Metasploit release contains a module for one of 2024's hottest 迄今为止的漏洞:CVE-2024-0204. 中的路径遍历漏洞 Fortra GoAnywhere MFT allows for unauthenticated attackers to access the InitialAccountSetup.xhtml endpoint which is used during the products initial 设置以创建第一个管理员用户. 安装完成后 endpoint is supposed to be no longer available. 攻击者可以利用这个脆弱性

3分钟 Gartner

5 Insights from the Latest Cybersecurity Trends 研究

we’ve singled out five quick insights security professionals 和 stakeholders should consider when looking ahead. These findings are based on Top Trends in Cybersecurity for 2024, 一份来自Gartner®的新研究报告.

1分钟奖

Celebrating Excellence: 亚历克斯页面 Recognized As a CRN 2024 Channel Chief

Congratulations to Rapid7’s Vice President of Global Channel Sales, 亚历克斯页面, who is named among the newly-announced CRN 2024 Channel Chiefs!

3分钟

Four Key Benefits of Rapid7’s New Managed Digital Risk Protection Service

Cybercrime has boomed to the third largest economy in the world behind the US 和 China, with much of the most nefarious behavior on the dark web. Monitoring it effectively can be the key to identifying the earliest signals of an attack – 和 the difference between a minor event 和 a major breach.