Leaked Android Platform Certificates Create Risks for Users
A new report contains 10 different platform certificates and malware sample SHA256 sums where the malware sample had been signed by a platform certificate.
SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know
On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform.
Vulntober: Multiple Mobile Browser Address Bar Spoofing Vulnerabilities
Today, we're announcing a coordinated vulnerability disclosure on a set of address bar spoofing vulnerabilities that affect a number of mobile browsers.
How to Improve Vulnerability Patching Efficiency through Automation
In this blog, we discuss how automation can improve your security team's patching efficiency.
InsightVM + InsightAppSec: A Love Story
Today, we take a moment to appreciate how two of our products, InsightVM and InsightAppSec, work together to secure the entire tech stack for our customers.
Metasploit Framework Valentines Update
Valentines day is just around the corner! What could be a nicer gift for your
sweetie than a bundle of new Metasploit Framework updates? The community has
been as busy as ever delivering a sweet crop of sexy exploits, bug fixes, and
interesting new features.
Everyone Deserves a Second Chance
Meterpreter Scripts have been deprecated for years
[https://github.com/rapid7/metasploit-framework/pull/3812] in favor of Post
Exploitation modules, which are much more flexible and easy to debug.
Weekly Metasploit Wrapup
Welcome back to the Metasploit Weekly Wrapup! It's been a while since the last
one, so quite a bit has happened in that time including 75 Pull Requests.
The rewrite of meterpreter for POSIX systems, mettle, now supports a stageless
mode. You can now build standalone static executables for almost a dozen
architectures and run them on everything from small home routers to cell phones
to servers and mainframes. It can also take its configuration from the command
line, so you don't
Pokemon Go, Security, and Obsolescence
Pokemon Go started it.
The crusty old house cell phone, which we had years ago ported from a genuine
AT&T land line to a T-Mobile account, suddenly caught the attention of my middle
> "Hey Dad, can I use that phone to catch Pokemon at the park?"
"Sure! Have fun, and don't come back until sundown!"
A few minutes later, he had hunted down his first Pikachu, which apparently
required running around the block in Texas summer heat a few times. Sweat-soaked
but proud, he happily presented hi
Using the National Vunerability Database to Reveal Vulnerability Trends Over Time
This is a guest post by Ismail Guneydas. Ismail Guneydas is senior technical
leader with over ten years of experience in vulnerability management, digital
forensics, e-Crime investigations and teaching. Currently he is a senior
vulnerability manager at Kimberly-Clark and an adjunct faculty at Texas A&M. He
has M.S. in computer science and MBA degrees.
2015 is in the past, so now is as good a time as any to get some numbers
together from the year that was and analyze them. For this blog post,
Weekly Metasploit Wrapup
A little entropy goes a long way
Meterpreter can communicate via straight TCP or over HTTP(S), but whatever the
transport, the protocol is pretty much the same. It uses what is called a TLV
protocol, for Type-Length-Value
[https://en.wikipedia.org/wiki/Type-length-value]. In truth, meterpreter
actually does it in a different order: Length, Type, Value. Each meterpreter
packet is a collection of TLVs and is itself a TLV. That makes it so you can
skip over a type or even a whole packet without hav
The Haves And Have-Nots in Device Security
about the ongoing issues law enforcement is running into with Apple's
encrypted-by-default design illustrates a major difference between the iPhone
and the Android security models. Encryption by default on older Apple devices
makes it impossible for anyone without the password to decrypt the phone. This,
in turn, becomes a problem for law enforcement, since it means tha
Disclosure: Android Chrome Address Bar Spoofing (R7-2015-07)
Android Chrome Address Bar Spoofing (R7-2015-07)
Due to a problem in handling 204 "No Content" responses combined with a
window.open event, an attacker can cause the stock Chrome browser on Android to
render HTML pages in a misleading context. This effect was confirmed on an
Android device running Lollipop (5.0). An attacker could use this vulnerability
to convince a victim of a phishing e-mail, text, or link to enter private
credentials to an untrusted page controlled by the attacker.
Weekly Metasploit Wrapup: UXSS, Towelroot, and Sayonara to Ruby 1.9!
Metasploit 4.11.1 Released!
Hi all! I'm happy to announce that Metasploit 4.11.1, the latest dot version of
Metasploit Community, Express, and Pro has been released. You can fetch the
updates using the usual methods -- in the UI, with msfupdate, or with apt-get,
depending on your binary distribution. Git source checkouts don't really notice
these version bumps, of course, since the normal bundle install && git pull -r
commands will take care of everything, and if you're that sort, you're trackin
R7-2015-02: Google Play Store X-Frame-Options (XFO) Gaps Enable Android Remote Code Execution (RCE)
Due to a lack of complete coverage for X-Frame-Options
support on Google's Play Store [https://play.google.com/] web application
domain, a malicious user can leverage either a Cross-Site Scripting (XSS)
vulnerability in a particular area of the Google Play Store web application, or
a Universal XSS (UXSS) targeting affected browsers, to remotely install and
launch the main intent of an arbitrary Play S
Weekly Metasploit Wrapup: Android Android Malkovich Android
Hi folks! Sorry about the delay on this week's blog post. I've been responding
to a few concerns about this week's Android revelations about the no-patch
policy from Google with regard to nearly a billion in-use Android handsets, and
incidentally, caught a face cold that's been floating around Rapid7's delightful
open-space office model
. I'm back online and fully