1 min
Events
Takeaways From The Take Command Summit: Navigating Modern SOC Challenges
At our recent Take Command summit, experts delved into the pressing challenges faced by SOC teams.
2 min
Metasploit
Metasploit Weekly Wrap-Up 06/28/2024
Unauthenticated Command Injection in Netis Router
This week's Metasploit release includes an exploit module for an unauthenticated
command injection vulnerability in the Netis MW5360 router which is being
tracked as CVE-2024-22729. The vulnerability stems from improper handling of the
password parameter within the router's web interface which allows for command
injection. Fortunately for attackers, the router's login page authorization can
be bypassed by simply deleting the authorization header,
10 min
Managed Detection and Response (MDR)
Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz
The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler
McGraw, Sarah Lee, and Thomas Elkins.
Executive Summary
On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious
activity in a customer environment. Our investigation found that the
suspicious behavior was emanating from the installation of Notezilla, a program
that allows for the creation of sticky notes on a Windows desktop. Installers
for Notezilla, along with tools called RecentX and
1 min
Events
Takeaways From The Take Command Summit: Unprecedented Threat Landscape
The Rapid7 Take Command summit unveiled crucial findings from the 2024 Attack Intelligence Report, offering invaluable insights for cybersecurity professionals navigating today's complex threat landscape.
4 min
Emergent Threat Response
Authentication Bypasses in MOVEit Transfer and MOVEit Gateway
On June 25, 2024, Progress Software published information on two new vulnerabilities in MOVEit Transfer and MOVEit Gateway: CVE-2024-5806 and CVE-2024-5805.
1 min
Events
Takeaways From The Take Command Summit: Understanding Modern Cyber Attacks
In today's cybersecurity landscape, staying ahead of evolving threats is crucial. The State of Security Panel from our Take Command summit held May 21st delved into how artificial intelligence (AI) is reshaping cyber attacks and defenses.
4 min
From Top Dogs to Unified Pack
Cybersecurity is as unpredictable as it is rewarding. This means you and your cyber team may find yourselves navigating a complex landscape of multi-cloud environments and evolving compliance requirements.
3 min
Metasploit
Metasploit Weekly Wrap-Up 2016/21/06
Argument Injection for PHP on Windows
This week includes modules that target file traversal and arbitrary file read
vulnerabilities for software such as Apache, SolarWinds and Check Point, with
the highlight being a module for the recent PHP vulnerability submitted by
sfewer-r7. This module exploits an argument
injection vulnerability, resulting in remote code execution and a Meterpreter
shell running in the context of the Administrator user.
Note, this attack
4 min
IoT
Helpful Tools for Getting Started with IoT Assessments
The Internet of Things (IoT) can be a daunting field to get into. With many different tools and products available on the market, it can be confusing to even know where to start.
10 min
Managed Detection and Response (MDR)
Malvertising Campaign Leads to Execution of Oyster Backdoor
Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.
3 min
Metasploit
Metasploit Weekly Wrap-Up June 14, 2024
New module content (5)
Telerik Report Server Auth Bypass
Authors: SinSinology and Spencer McIntyre
Type: Auxiliary
Pull request: #19242
contributed by zeroSteiner
Path: scanner/http/telerik_report_server_auth_bypass
AttackerKB reference: CVE-2024-4358
Description: This adds an exploit for CVE-2024-4358 which is an authentication
bypass
4 min
Security Operations (SOC)
Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps and Augment MDR Services
At Rapid7, we are pioneering the infusion of artificial intelligence (AI) into our platform and service offerings, transforming the way security operations centers (SOCs) around the globe operate.
7 min
Patch Tuesday
Patch Tuesday - June 2024
MSMQ RCE again. Office malicious file RCE. SharePoint RCE. DNSSEC NSEC3 DoS.
2 min
Velociraptor
Enhancing Velociraptor with the Cado Security Platform
Velociraptor is a robust open-source tool designed for collecting and querying forensic and incident response artifacts across various endpoints. This powerful tool allows incident responders to effortlessly gather data from remote systems, no matter where they are.
2 min
Emergent Threat Response
CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U
On June 5, 2024, SolarWinds disclosed CVE-2024-28995, a high-severity directory traversal vulnerability affecting the Serv-U file transfer server. Successful exploitation of the vulnerability allows unauthenticated attackers to read sensitive files on the host.