Posts by Caitlin Condon

3 min News

Active Exploitation of Pulse Connect Secure Zero-Day (CVE-2021-22893)

On Tuesday, FireEye published detailed analysis of multiple threat campaigns targeting Ivanti’s Pulse Connect Secure VPN.

5 min News

Attackers Targeting Fortinet Devices and SAP Applications

CISA and the FBI published a joint alert to warn users that APT threat actors were likely exploiting unpatched Fortinet FortiOS devices to gain initial access to government, commercial, technology, and other organizations’ networks.

2 min Research

Introducing the 2020 Vulnerability Intelligence Report: 50 CVEs that Made Headlines in 2020

Our 2020 Vulnerability Intelligence Report examines 50 vulnerabilities from 2020 to highlight exploitation patterns, explore attacker use cases, and offer a practical framework for understanding new threats.

4 min News

Mass Exploitation of Exchange Server Zero-Day CVEs: What You Need to Know

On March 2, Microsoft released details on an active state-sponsored threat campaign exploiting four zero-day vulnerabilities in on-premises instances of Microsoft Exchange Server.

2 min Vulnerability Management

CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know

CVE-2020-1472 is a critical privilege escalation vulnerability that can yield an attacker full takeover of an affected network. Here's what you need to know.

3 min Vulnerability Risk Management

Meet AttackerKB

Meet AttackerKB: a new community-driven resource that highlights diverse perspectives on which vulnerabilities make the most appealing targets for attackers.

2 min Metasploit

Congrats to the winners of the 2020 Metasploit community CTF

After four days of competition and a whole lot of “trying harder,” we have the winners of this year's Metasploit community CTF [/2020/01/15/announcing-the-2020-metasploit-community-ctf/]. We've included some high-level stats from the game below; check out the scoreboard here [https://metasploitctf.com/scoreboard]. If you played the CTF and want to let the Metasploit team know which challenges you found exhilarating, interesting, or infuriating (in a good way, of course), we have a feedback surve

2 min Metasploit

Metasploit Team Announces Beta Sign-Up for AttackerKB

AttackerKB is a knowledge base of vulnerabilities and informed opinions on what makes them valuable (or not) targets for exploitation.

5 min Metasploit

Announcing the 2020 Metasploit community CTF

Metasploit's community CTF is back! Starting January 30, players will have four days to find flags and win points and glory. Teams welcome.

9 min Haxmas

Memorable Metasploit Moments of 2019

Here’s a smattering of the year’s Metasploit Framework highlights from 2019. As ever, we’re grateful to and for the community that keeps us going strong.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Unauthenticated scanner for BlueKeep, community hackathon in Austin, and the usual long list of fixes and enhancements.

2 min Metasploit

Introducing the Metasploit Development Diaries

In our new Metasploit Development Diaries series, we will share stories of how exploitable conditions become stable, seasoned Metasploit Framework modules.

7 min Haxmas

The New Shiny: Memorable Metasploit Moments of 2018

Happy HaXmas, friends. Metasploit turned 15 this year, and by all accounts, 2018 was pretty epic.

2 min Metasploit

Congrats to the 2018 Metasploit community CTF winners

After three days of fierce competition, we have the winners of this year's Metasploit community CTF [/2018/11/05/announcing-the-2018-metasploit-community-ctf/]. We've included some high-level stats from the game below; check out the scoreboard here [https://metasploitctf.com/scoreboard]. If you played the CTF this weekend and want to let the Metasploit team know which challenges you found exhilarating, interesting, or infuriating (in a good way, of course), we have a survey up here: https://r-7

3 min Metasploit

Announcing the 2018 Metasploit Community CTF

Two targets, three days, and a thousand teams: Put your skills to the test for a chance to win prizes and bragging rights in Metasploit’s 2018 community CTF.