所有的帖子

Metasploit周报04/26/24

牧场主模块 This week, Metasploit community member h00die [http://github.com/h00die]添加 the second of two modules targeting Rancher instances. 这些模块每个泄漏 sensitive information from vulnerable instances of the application which is 用于管理Kubernetes集群. 这些都是一个伟大的补充 Metasploit’s coverage for testing Kubernetes environments [http://docs.metasploit.com/docs/pentesting/metasploit-guide-kubernetes.html]. PAN-OS远端控制设备 Metasploit也发布了一份电子邮件

2分钟奖

USF College of Engineering Presents Rapid7 With 2024 Corporate Impact Award

上个星期五, 4月19日, the University of South Florida (USF) College of Engineering recognized individuals 和 organizations who have greatly impacted USF 和 beyond at its ninth annual Engineering Honors 奖 at The Armature Works in Tampa.

3分钟紧急威胁响应

Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise

CVE-2024-4040 is an unauthenticated zero-day vulnerability in managed file transfer software CrushFTP. 成功ful exploitation allows for arbitrary file read as root, authentication bypass for administrator account access, 以及远程代码执行.

2分钟事件

Take Comm和 Summit: Take Breaches from Inevitable to Preventable on May 21

Registration is now open for Take Comm和, a day-long virtual summit in partnership with AWS. 你将获得新的攻击情报, 对人工智能颠覆的洞察, 透明的耐多药耐药性伙伴关系, 和更多的.

2分钟 Metasploit

Metasploit周报04/19/24

欢迎Ryan和新的CrushFTP模块 It's not every week we add an awesome new exploit module to the Framework while adding the original discoverer of the vulnerability to the Rapid7 team as well. We're very excited to welcome Ryan Emmons to the 紧急威胁响应 team, 在Rapid7与Metasploit合作. 瑞安发现了一个不合适的 Controlled Modification of Dynamically-Determined Object Attributes vulnerability in CrushFTP (CVE-2023-43177) versions prior to 10.5.1制作

6分钟一种总线标准

Enforce 和 Report on 一种总线标准 DSS v4 Compliance with Rapid7

The 一种总线标准 Security St和ards Council (一种总线标准 SSC) is a global forum that connects stakeholders from the payments 和 payment processing industries to craft 和 facilitate adoption of data security st和ards 和 relevant resources that enable safe payments worldwide.

2分钟

Rapid7 了解平台 Achieves Level 2 TX-Ramp Authorization

Rapid7's 了解平台 has officially achieved Level 2 Texas Risk 和 Authorization Management Program (TX-RAMP) authorization. This milestone marks a significant step forward in providing our customers peace-of-mind as well as the best end-to-end cloud security solutions.

3分钟 Metasploit

Metasploit周报04/12/24

使用影子凭证接管帐户 The new release of Metasploit Framework includes a Shadow Credentials module 由smashery [http://github]添加.com/rapid7/metasploit-framework/pull/19051] used for reliably taking over an Active 导演y user account or computer, 和 letting future authentication to happen as that account. 这可以被链接起来 with other modules present in Metasploit Framework such as windows_secrets_dump. Details The module targets a ‘victim’ account that is part of a

4分钟紧急威胁响应

CVE-2024-3400: Critical Comm和 Injection 脆弱性 in Palo Alto Networks Firewalls

在周五, 4月12日, Palo Alto Networks published an advisory on CVE-2024-3400, a CVSS 10 vulnerability in several versions of PAN-OS, the operating system that runs on the company’s firewalls. CVE-2024-3400 allows for arbitrary code execution as root.

7分钟研究

Stories from the SOC Part 2: MSIX Installer Utilizes Telegram Bot to Execute IDAT Loader

在我们的博客系列的第一部分, we discussed how a Rust based application was used to download 和 execute the IDAT Loader. 在本系列的第二部分中, we will be providing analysis of how an MSIX installer led to the download 和 execution of the IDAT Loader.

13分钟星期二补丁

补丁星期二- 2024年4月

一个最新的零日攻击. 物联网关键rce的防御者. 几十个SQL OLE DB驱动程序rce. Microsoft adds CWE 和 Vector String Source to advisories.

3分钟 Metasploit

Metasploit周报04/05/2024

新增ESC4 AD CS模板 Metasploit增加了功能 [http://docs.metasploit.com/docs/pentesting/active-directory/ad-certificates/attacking-ad-cs-esc-vulnerabilities.html] for exploiting the ESC family of flaws in AD CS in Metasploit 6.3. 的ESC4 technique in particular has been supported for some time now thanks to the ad_cs_cert_templates module which enables users to read 和 write certificate 模板对象. This facilitates the exploitation of ESC4 which is a 错误配置在

5分钟管理检测和响应(耐多药)

Rapid7产品的新功能 & 服务业:2024年第一季度回顾

We kicked off 2024 with a continued focus on bringing security professionals the tools 和 functionality needed to anticipate risks, 查明威胁, 自信地更快地做出反应.

3分钟 Rapid7披露

CVE-2024-0394: Rapid7 Minerva Armor Privilege Escalation (FIXED)

Rapid7公开了CVE-2024-0394, a privilege escalation vulnerability in Rapid7 Minerva’s Armor product family. The root cause of this vulnerability is Minerva’s implementation of OpenSSL’s OPENSSLDIR parameter, which was set to a path accessible to low-privileged users.

4分钟职业发展

Challenges Drive Career Growth: Meet Rudina Tafhasaj

Starting a career for the first time in a new country can be intimidating. 为Rudina Tafhasaj, her path to Senior Application Engineer at Rapid7 was paved with both unique challenges, 以及令人难以置信的回报.