6分钟
PCI
Enforce and Report on PCI DSS v4 Compliance with Rapid7
The PCI Security Standards Council (PCI SSC) is a global forum that connects stakeholders from the payments and payment processing industries to craft and facilitate adoption of data security standards and relevant resources that enable safe payments worldwide.
2分钟
Rapid7 了解平台 Achieves Level 2 TX-Ramp Authorization
Rapid7's 了解平台 has officially achieved Level 2 Texas Risk and Authorization Management Program (TX-RAMP) authorization. This milestone marks a significant step forward in providing our customers peace-of-mind as well as the best end-to-end cloud security solutions.
3 min
Metasploit
Metasploit周报04/12/24
使用影子凭证接管帐户
The new release of Metasploit Framework includes a Shadow Credentials module
由smashery [http://github]添加.com/rapid7/metasploit-framework/pull/19051]
used for reliably taking over an Active 导演y user account or computer, and
letting future authentication to happen as that account. 这可以被链接起来
with other modules present in Metasploit Framework such as windows_secrets_dump.
Details
The module targets a ‘victim’ account that is part of a
3 min
紧急威胁响应
CVE-2024-3400: Critical Command Injection 脆弱性 in Palo Alto Networks Firewalls
在周五, 4月12日, Palo Alto Networks published an advisory on CVE-2024-3400, a CVSS 10 vulnerability in several versions of PAN-OS, the operating system that runs on the company’s firewalls. CVE-2024-3400 allows for arbitrary code execution as root.
7分钟
研究
Stories from the SOC Part 2: MSIX Installer Utilizes Telegram Bot to Execute IDAT Loader
在我们的博客系列的第一部分, we discussed how a Rust based application was used to download and execute the IDAT Loader. 在本系列的第二部分中, we will be providing analysis of how an MSIX installer led to the download and execution of the IDAT Loader.
13分钟
星期二补丁
补丁星期二- 2024年4月
一个最新的零日攻击. 物联网关键rce的防御者. 几十个SQL OLE DB驱动程序rce. Microsoft adds CWE and Vector String Source to advisories.
3 min
Metasploit
Metasploit周报04/05/2024
新增ESC4 AD CS模板
Metasploit增加了功能
[http://docs.metasploit.com/docs/pentesting/active-directory/ad-certificates/attacking-ad-cs-esc-vulnerabilities.html]
for exploiting the ESC family of flaws in AD CS in Metasploit 6.3. 的ESC4
technique in particular has been supported for some time now thanks to the
ad_cs_cert_templates module which enables users to read and write certificate
模板对象. This facilitates the exploitation of ESC4 which is a
错误配置在
5 min
管理检测和响应(MDR)
Rapid7产品的新功能 & 服务业:2024年第一季度回顾
We kicked off 2024 with a continued focus on bringing security professionals the tools and functionality needed to anticipate risks, 查明威胁, 自信地更快地做出反应.
3 min
Rapid7披露
CVE-2024-0394: Rapid7 Minerva Armor Privilege Escalation (FIXED)
Rapid7公开了CVE-2024-0394, a privilege escalation vulnerability in Rapid7 Minerva’s Armor product family. The root cause of this vulnerability is Minerva’s implementation of OpenSSL’s OPENSSLDIR parameter, which was set to a path accessible to low-privileged users.
4 min
职业发展
Challenges Drive Career Growth: Meet Rudina Tafhasaj
Starting a career for the first time in a new country can be intimidating. 为Rudina Tafhasaj, her path to Senior Application Engineer at Rapid7 was paved with both unique challenges, 以及令人难以置信的回报.
3 min
紧急威胁响应
XZ Utils后门漏洞(CVE-2024-3094)
在周五, 3月29日, after investigating anomalous behavior in his Debian sid environment, developer Andres Freund contacted an open-source security mailing list to share that he had discovered an upstream backdoor in widely used command line tool XZ Utils (liblzma).
3 min
Metasploit
Metasploit每周总结2024年3月29日
Metasploit adds three new exploit modules including an RCE for SharePoint.
10分钟
恶意软件
Stories from the SOC Part 1: IDAT Loader to BruteRatel
Rapid7’s 管理检测和响应(MDR) team continuously monitors our customers' environments, identifying emerging threats and developing new detections.
12分钟
Metasploit
Metasploit框架.4发布
Today, Metasploit is pleased to announce the release of Metasploit Framework
6.4. It has been just over a year since the release of version 6.3
[http://2.alanallport.net/blog/post/2023/01/30/metasploit-framework-6-3-released/]
and the team has added many new features and improvements since then.
For news reporters, please reach out to press@alanallport.net.
Kerberos的改进
Metasploit 6.3 included initial support for Kerberos authentication within
Metasploit and was one of the larger features i
2分钟
Metasploit
Metasploit每周总结2024年3月22日
新增模块内容(1)
OpenNMS Horizon认证RCE
作者:埃里克·温特
类型:利用
拉取请求:#18618 [http://github ..com/rapid7/metasploit-framework/pull/18618]
erikynter [http://github]贡献.com/ErikWynter]
Path: linux/http/opennms_horizon_authenticated_rce
攻击者kb参考:CVE-2023-0872
[http://attackerkb.com/search?q = cve - 2023 - 0872?介绍人=博客]
Description: This module exploits built-in functionality in OpenNMS Horizon in
命令执行任意命令,如t