2 min
Research
A Shifting Attack Landscape: Rapid7’s 2022 Vulnerability Intelligence Report
We’re excited to release Rapid7’s 2022 Vulnerability Intelligence Report—a deep dive into 50 of the most notable vulnerabilities our research team investigated throughout the year.
2 min
Cloud Security
CIEM is Required for Cloud Security and IAM Providers to Compete: Gartner® Report
Cloud security and IAM providers should consider prioritizing specific CIEM capabilities according to a new Gartner report.
2 min
Research
A Deep Dive into Reversing CODESYS
This white paper offers a technical deep dive into PLC protocols and how to safely scan CODESYS-based ICS networking stacks.
2 min
Rapid7 Culture
Rapid7 and USF: Building a diverse cybersecurity workforce is not optional
Rapid7 and the University of South Florida (USF) have announced a joint research lab aimed at increasing diversity in the cybersecurity workforce.
2 min
Research
Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974
Rapid7 research has found that nearly 19,000 ESXi servers likely remain vulnerable to CVE-2021-21974, which is being exploited in the ESXiArgs campaign.
5 min
Research
Evasion Techniques Uncovered: An Analysis of APT Methods
DLL search order hijacking and DLL sideloading are commonly used by nation-state-sponsored attackers to evade detection.
3 min
Emergent Threat Response
Exploitation of GoAnywhere MFT zero-day vulnerability
A warning has been issued about an actively exploited zero-day vulnerability affecting on-premise instances of Fortra’s GoAnywhere MFT.
10 min
Research
Rapid7 Observes Use of Microsoft OneNote to Spread Redline Infostealer and Qakbot Malware
Recently, Rapid7 observed malicious actors using OneNote files to deliver malicious code. This post details our findings.
4 min
Open Source
Recog Release v3.0.3
Recog Release v3.0.3, which is available now, includes updated fingerprints for Zoho ManageEngine PAM360, Password Manager, and Access Manager Plus; Atlassian Bitbucket Server; and Supervisord Supervisor.
4 min
Research
Year in Review: Rapid7 Cybersecurity Research
Rapid7 is dedicated to conducting research that benefits the entire cybersecurity community. Here is a sampling of our efforts in 2022.
2 min
Emergent Threat Response
CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities
On November 8, 2022, Citrix published Citrix Gateway and Citrix ADC Security
Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516
[http://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516]
announcing fixes for three vulnerabilities:
* CVE-2022-27510 [http://nvd.nist.gov/vuln/detail/CVE-2022-27510]
“Unauthorized access to Gateway user capabilities”
* CVE-2022-27513 [http://nvd.nist.gov/vuln/detai
2 min
DAST
New Research: Optimizing DAST Vulnerability Triage with Deep Learning
In a new paper, Rapid7 data scientists outline a novel deep learning model to automatically prioritize application security vulnerabilities and reduce false positive friction.
3 min
Research
New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers
We look at two of the most popular protocols used for remote administration, SSH and RDP, to get a sense of how attackers are taking advantage of weaker password management to gain access to systems.
8 min
Vulnerability Disclosure
FLEXlm and Citrix ADM Denial of Service Vulnerability
Note: Updated October 20, 2022 to clarify that this bypasses CVE-2022-27512 and
not CVE-2022-27511, which has a different root cause.
On June 27, 2022, Citrix released an advisory
[http://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512]
for CVE-2022-27511 [http://nvd.nist.gov/vuln/detail/CVE-2022-27511]
and CVE-2022-27512 [http://nvd.nist.gov/vuln/detail/CVE-2022-27512], which affect
Citrix ADM (Application Del
7 min
Vulnerability Disclosure
Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)
Rapid7 discovered vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare.