All Posts

Metasploit Weekly Wrap-Up: 6/23/23

I like to MOVEit, MOVEit, We like to MOVEit! Party hard just like it's Mardi Gras! bwatters-r7 [https://github.com/bwatters-r7] delivered the dance moves this week with a masterful performance. The windows/http/moveit_cve_2023_34362 module is available for all your party needs, taking advantage of CVE-2023-34362 [https://attackerkb.com/topics/mXmV0YpC3W/cve-2023-34362?referrer=blog], this module gets into the MOVEit database and nets shells to help you "Keep on jumpin' off the floor"! New modul

22 min Vulnerability Disclosure

Multiple Vulnerabilities in Fortra Globalscape EFT Administration Server [FIXED]

Rapid7 has uncovered four issues in Fortra Globalscape EFT, the worst of which can lead to remote code execution.

6 min Attack Surface Security

Cyber Asset Attack Surface Management 101

CAASM is intended to be an authoritative source of asset information complete with ownership, network, and business context for IT and security teams.

5 min Metasploit

Metasploit Weekly Wrap-Up: Jun. 16, 2023

Metasploit T-Shirt Design Contest In honor of Metasploit's 20th anniversary, Rapid7 is launching special edition t-shirts - and we're inviting members of our community to have a hand in its creation. The contest winner will have their design featured on the shirts, which will then be available to pick up at Black Hat 2023. We will be accepting submissions from now through June 30! Contest details, design guidelines, and submission instructions here [https://docs.google.com/forms/d/e/1FAIpQLSeWU

3 min Emergent Threat Response

CVE-2023-34362: MOVEit Vulnerability Timeline of Events

Rapid7 continues to track the impact of CVE-2023-34362. We’ve put together a timeline of events to date for your reference.

10 min Vulnerability Management

Patch Tuesday - June 2023

No zero-day vulns this month. PGM & .NET/Visual Studio critical RCEs. SharePoint EoP. Exchange RCEs.

2 min Emergent Threat Response

CVE-2023-27997: Critical Fortinet Fortigate Remote Code Execution Vulnerability

Rapid7 is tracking CVE-2023-27997, a purportedly critical remote code execution (RCE) vulnerability in Fortigate SSL VPN firewalls.

3 min Metasploit

Metasploit Weekly Wrap-Up: Jun. 9, 2023

MOVEit It has been a busy few weeks in the security space; the MOVEit [https://www.rapid7.com/blog/post/2023/06/01/rapid7-observed-exploitation-of-critical-moveit-transfer-vulnerability/?utm_campaign=sm-blog&utm_source=twitter&utm_medium=organic-social] vulnerability filling our news feeds with dancing lemurs and a Barracuda [https://www.rapid7.com/blog/post/2023/06/08/etr-cve-2023-2868-total-compromise-of-physical-barracuda-esg-appliances/?utm_campaign=sm-ETR&utm_source=twitter,linkedin&utm_me

6 min Application Security

OWASP TOP 10 API Security Risks: 2023

The OWASP Top 10 API Security Risks is a list of the highest priority API based threats in 2023. In this blog, we detail each item on the list.

3 min Cloud Security

Detect and Prioritize Identity-Related Cloud Risk with InsightCloudSec

We are pleased to introduce our next advancement of identity-related risk management and remediation in Rapid7's InsightCloudSec: Identity Analysis.

3 min Emergent Threat Response

CVE-2023-2868: Total Compromise of Physical Barracuda ESG Appliances

Rapid7 incident response teams are investigating exploitation of physical Barracuda Networks Email Security Gateway (ESG) appliances.

10 min Velociraptor

Velociraptor 0.6.9 Release: Digging Even Deeper with SMB Support, Azure Storage and Lockdown Server Mode

Rapid7 is very excited to announce version 0.6.9 of Velociraptor is now LIVE and available for download.

4 min Metasploit

Metasploit Weekly Wrap-Up: Jun. 7, 2023

Metasploit adds new support for Amazon Web Services EC2 instance enumeration with integrated session support, Apache NiFi scanners, and more

5 min Detection and Response

This is Ceti Alpha Five!

In this blog, we explore how Star Trek II: The Wrath of Khan demonstrates the very best and worst of cybersecurity in the 23rd Century.

2 min Metasploit

Metasploit Weekly Wrap-Up: 6/2/23

Support added for Active Directory Certificate Services ESC4 Exploitation, and a new sudoedit extra arguments privilege escalation module