Rapid7 Cybersecurity Blog & Latest Vulnerability News

Vulnerabilities and Exploits

CVE-2022-4261: Rapid7 Nexpose Update Validation Issue (FIXED)

Tod Beardsley

Vulnerabilities and Exploits

CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures

Ron Bowes

Vulnerabilities and Exploits

Rapid7’s Impact from OpenSSL Buffer Overflow Vulnerabilities (CVE-2022-3786 & CVE-2022-3602)

Rapid7

Vulnerabilities and Exploits

Rapid7’s Impact from Apache Commons Text Vulnerability (CVE-2022-42889)

Rapid7

Vulnerabilities and Exploits

CVE-2021-39144: VMware Cloud Foundation Unauthenticated Remote Code Execution

Caitlin Condon

Vulnerabilities and Exploits

CVE-2022-40684: Remote Authentication Bypass Vulnerability in Fortinet Firewalls, Web Proxies

Glenn Thorpe

Vulnerabilities and Exploits

Network Access for Sale: Protect Your Organization Against This Growing Threat

Jeremy Makowski

Vulnerabilities and Exploits

Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software

Jake Baines

Vulnerabilities and Exploits

CVE-2022-30526 (Fixed): Zyxel Firewall Local Privilege Escalation

Jake Baines

Vulnerabilities and Exploits

CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection

Jake Baines

Vulnerabilities and Exploits

Update on Spring4Shell’s Impact on Rapid7 Solutions and Systems

Rapid7

Vulnerabilities and Exploits

CVE-2022-0847: Arbitrary File Overwrite Vulnerability in Linux Kernel

Caitlin Condon

Vulnerabilities and Exploits

Metasploit Weekly Wrap-Up: Mar. 4, 2022

Shelby Pace

Vulnerabilities and Exploits

Russia/Ukraine Conflict: What Is Rapid7 Doing to Protect My Organization?

Rapid7

Vulnerabilities and Exploits

Staying Secure in a Global Cyber Conflict

Rapid7

Vulnerabilities and Exploits

Active Exploitation of VMware Horizon Servers

Glenn Thorpe

Vulnerabilities and Exploits

The Everyperson’s Guide to Log4Shell (CVE-2021-44228)

boB Rudis

Vulnerabilities and Exploits

Using InsightVM to Find Apache Log4j CVE-2021-44228

Greg Wiseman

Vulnerabilities and Exploits

Driver-Based Attacks: Past and Present

Jake Baines

Vulnerabilities and Exploits

Opportunistic Exploitation of Zoho ManageEngine and Sitecore CVEs

Caitlin Condon

Vulnerabilities and Exploits

New NPM library hijacks (coa and rc)

Caitlin Condon

The Rapid7 Blog:
Your Signal in the Security Noise

Featured posts

Introducing Rapid7 MDR for Microsoft

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

How Modern SOCs are Fighting against Alert Fatigue

Introducing Rapid7 MDR for Microsoft

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

How Modern SOCs are Fighting against Alert Fatigue

Categories

Popular Tags

CVE-2022-4261: Rapid7 Nexpose Update Validation Issue (FIXED)

CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures

Rapid7’s Impact from OpenSSL Buffer Overflow Vulnerabilities (CVE-2022-3786 & CVE-2022-3602)

Rapid7’s Impact from Apache Commons Text Vulnerability (CVE-2022-42889)

CVE-2021-39144: VMware Cloud Foundation Unauthenticated Remote Code Execution

CVE-2022-40684: Remote Authentication Bypass Vulnerability in Fortinet Firewalls, Web Proxies

Network Access for Sale: Protect Your Organization Against This Growing Threat

Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software

CVE-2022-30526 (Fixed): Zyxel Firewall Local Privilege Escalation

CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection

Update on Spring4Shell’s Impact on Rapid7 Solutions and Systems