All Posts

2 min Research

Poorly Purged Medical Devices Present Security Concerns After Sale on Secondary Market

In Security Implications from Improper De-acquisition of Medical Infusion Pumps Rapid7 performs a physical and technical teardown of more than a dozen medical infusion pumps.
6 min Vulnerability Disclosure

CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability

Rapid7 discovered a new vulnerability that allows unauthenticated attackers to access the API in unsupported versions of MobileIron Core (11.2 and below).
5 min Application Security

InsightAppSec Advanced Authentication Settings: Token Replacement

InsightAppSec Token Replacement can be used to capture and replay Bearer Authentication tokens, JWT Authentication tokens, or any other form of session token.
4 min Cloud Security

New InsightCloudSec Compliance Pack for CIS AWS Benchmark 2.0.0

The Center for Internet Security (CIS) recently released version two of their AWS Benchmark: CIS AWS Benchmark 2.0.0.

3 min Cybersecurity

How To Present SecOps Metrics (The Right Way)

Metrics presentations can get boring. So, it is essential for security professionals to make them engaging. Here's how.
3 min Metasploit

Metasploit Weekly Wrap up

Unauthenticated RCE in VMware Product This week, community contributor h00die [https://github.com/h00die] added an exploit module that leverages a command injection vulnerability in VMWare Aria Operations for Networks, formerly known as vRealize Network Insight. Versions 6.2 to 6.10 are vulnerable (CVE-2023-20887 [https://attackerkb.com/topics/gxz1cUyFh2/cve-2023-20887?referrer=blog]). A remote attacker could abuse the Apache Thrift RPC interface by sending specially crafted data and get unauthe
4 min Penetration Testing

PenTales: There Are Many Ways to Infiltrate the Cloud

At Rapid7 we love a good pen test story. So often they show the cleverness, skill, resilience, and dedication to our customer’s security that can only come from actively trying to break it! In this series, we’re going to share some of our favorite tales from the pen test desk and hopefully highlight some ways you can improve your own organization’s security. Rapid7 was engaged to do an AWS cloud ecosystem pentest for a large insurance group. The test included looking at internal and external as
2 min Emergent Threat Response

CVE-2023-35078: Critical API Access Vulnerability in Ivanti Endpoint Manager Mobile

CVE-2023-35078 is a critical remote unauthenticated API access vulnerability in Ivanti Endpoint Manager Mobile.
2 min Metasploit

Metasploit Weekly Wrap up

This week's weekly wrapup includes two new Metasploit modules - Piwigo Gather Credentials via SQL Injection ( CVE-2023-26876 ) and Openfire authentication bypass with RCE plugin (CVE-2023-32315)
3 min Penetration Testing

PenTales: Testing Security Health for a Healthcare Company

At Rapid7 we love a good pen test story. So often they show the cleverness, skill, resilience, and dedication to our customer’s security that can only come from actively trying to break it! In this series, we’re going to share some of our favorite tales from the pen test desk and hopefully highlight some ways you can improve your own organization’s security. Rapid7 was tasked with testing a provider website in the healthcare industry. Providers had the ability on the website to apply for jobs
1 min Threat Intel

The Japanese Technology and Media Attack Landscape

Recently, we released a major report analyzing the threat landscape of Japan, the globe’s third largest economy. In that report we looked at the ways in which threat actors infiltrate Japanese companies (spoiler alert: it is often through foreign subsidiaries and affiliates) and some of the most pervasive threats those companies face such as ransomware and state-sponsored threat actors. We also took a look at some of the hardest hit industries and it should come as no surprise that some of the
5 min Vulnerability Disclosure

CVE-2023-38205: Adobe ColdFusion Access Control Bypass [FIXED]

Rapid7 discovered that the initial patch for CVE-2023-29298 (Adobe ColdFusion access control bypass vulnerability) did not successfully remediate the issue.

2 min Emergent Threat Response

Critical Zero-Day Vulnerability in Citrix NetScaler ADC and NetScaler Gateway

Citrix has published a security bulletin warning users of three new vulnerabilities affecting NetScaler ADC and NetScaler Gateway.

4 min Cloud Security

Managing Risk Across Hybrid Environments with Executive Risk View

As attack surfaces continue to expand, security teams must evolve the scope and approach of their vulnerability management programs.
4 min Emergent Threat Response

Active Exploitation of Multiple Adobe ColdFusion Vulnerabilities

Rapid7 managed services teams have observed exploitation of Adobe ColdFusion in multiple customer environments.

Popular Topics

Tags