All Posts

4 min Metasploit

Metasploit Weekly Wrap-Up: Aug. 4, 2023

Fly High in the Sky With This New Cloud Exploit! This week, a new module was added that takes advantage of both authentication bypass and command injection in certain versions of Western Digital's MyCloud hardware. Submitted by community member Erik Wynter [https://github.com/ErikWynter], this module gains access to the target, attempts to bypass authentication, verifies whether that was successful, then executes the payload with root privileges. This works on versions before 2.30.196, and offer

3 min Penetration Testing

Why Physical Social Engineering Engagements are an Important Part of Security

In this series, we’re going to share some of our favorite tales from the pen test desk and hopefully highlight some ways you can improve your own organization’s security.

2 min Research

Poorly Purged Medical Devices Present Security Concerns After Sale on Secondary Market

In "Security Implications from Improper De-acquisition of Medical Infusion Pumps," Rapid7 performs a physical and technical teardown of more than a dozen medical infusion pumps.

6 min Vulnerability Disclosure

CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability

Rapid7 discovered a new vulnerability that allows unauthenticated attackers to access the API in unsupported versions of MobileIron Core (11.2 and below).

5 min Application Security

InsightAppSec Advanced Authentication Settings: Token Replacement

InsightAppSec Token Replacement can be used to capture and replay Bearer Authentication tokens, JWT Authentication tokens, or any other form of session token.

4 min Cloud Security

New InsightCloudSec Compliance Pack for CIS AWS Benchmark 2.0.0

The Center for Internet Security (CIS) recently released version two of their AWS Benchmark: CIS AWS Benchmark 2.0.0.

3 min Cybersecurity

How To Present SecOps Metrics (The Right Way)

Metrics presentations can get boring. So, it is essential for security professionals to make them engaging. Here's how.

3 min Metasploit

Metasploit Weekly Wrap-Up: July 28, 2023

Unauthenticated RCE in VMware Product. This week, community contributor h00die [https://github.com/h00die] added an exploit module that leverages a command injection vulnerability in VMware Aria Operations for Networks, formerly known as vRealize Network Insight. Versions 6.2 to 6.10 are vulnerable (CVE-2023-20887 [https://attackerkb.com/topics/gxz1cUyFh2/cve-2023-20887?referrer=blog]). A remote attacker could abuse the Apache Thrift RPC interface by sending specially crafted data and get unauthe

4 min Penetration Testing

PenTales: There Are Many Ways to Infiltrate the Cloud

At Rapid7 we love a good pen test story. So often they show the cleverness, skill, resilience, and dedication to our customer’s security that can only come from actively trying to break it! In this series, we’re going to share some of our favorite tales from the pen test desk and hopefully highlight some ways you can improve your own organization’s security. Rapid7 was engaged to do an AWS cloud ecosystem pentest for a large insurance group. The test included looking at internal and external as

2 min Emergent Threat Response

CVE-2023-35078: Critical API Access Vulnerability in Ivanti Endpoint Manager Mobile

CVE-2023-35078 is a critical remote unauthenticated API access vulnerability in Ivanti Endpoint Manager Mobile.

2 min Metasploit

Metasploit Weekly Wrap Up: July 21, 2023

This week's wrap-up includes two new Metasploit modules: Piwigo Gather Credentials via SQL Injection (CVE-2023-26876) and Openfire authentication bypass with RCE plugin (CVE-2023-32315).

3 min Penetration Testing

PenTales: Testing Security Health for a Healthcare Company

At Rapid7 we love a good pen test story. So often they show the cleverness, skill, resilience, and dedication to our customer’s security that can only come from actively trying to break it! In this series, we’re going to share some of our favorite tales from the pen test desk and hopefully highlight some ways you can improve your own organization’s security. Rapid7 was tasked with testing a provider website in the healthcare industry. Providers had the ability on the website to apply for jobs

1 min Threat Intel

The Japanese Technology and Media Attack Landscape

Recently, we released a major report analyzing the threat landscape of Japan, the globe’s third largest economy. In that report we looked at the ways in which threat actors infiltrate Japanese companies (spoiler alert: it is often through foreign subsidiaries and affiliates) and some of the most pervasive threats those companies face such as ransomware and state-sponsored threat actors. We also took a look at some of the hardest hit industries and it should come as no surprise that some of the

5 min Vulnerability Disclosure

CVE-2023-38205: Adobe ColdFusion Access Control Bypass [FIXED]

Rapid7 discovered that the initial patch for CVE-2023-29298 (Adobe ColdFusion access control bypass vulnerability) did not successfully remediate the issue.

2 min Emergent Threat Response

Critical Zero-Day Vulnerability in Citrix NetScaler ADC and NetScaler Gateway

Citrix has published a security bulletin warning users of three new vulnerabilities affecting NetScaler ADC and NetScaler Gateway.