Posts tagged Risk Management

Update on Log4Shell’s Impact on Rapid7 Solutions and Systems

Exposure Management

Update on Log4Shell’s Impact on Rapid7 Solutions and Systems

Rapid7

Driver-Based Attacks: Past and Present

Vulnerabilities and Exploits

Driver-Based Attacks: Past and Present

Jake Baines

Widespread Exploitation of Critical Remote Code Execution in Apache Log4j

Exposure Management

Widespread Exploitation of Critical Remote Code Execution in Apache Log4j

boB Rudis

Patch Now: SonicWall Fixes Multiple Vulnerabilities in SMA 100 Devices

Exposure Management

Patch Now: SonicWall Fixes Multiple Vulnerabilities in SMA 100 Devices

Glenn Thorpe

Oh No, Zoho: Active Exploitation of CVE-2021-44077 Allowing Unauthenticated Remote Code Execution

Exposure Management

Oh No, Zoho: Active Exploitation of CVE-2021-44077 Allowing Unauthenticated Remote Code Execution

Glenn Thorpe

Ongoing Exploitation of Windows Installer CVE-2021-41379

Exposure Management

Ongoing Exploitation of Windows Installer CVE-2021-41379

Glenn Thorpe

Active Exploitation of Apache HTTP Server CVE-2021-40438

Exposure Management

Active Exploitation of Apache HTTP Server CVE-2021-40438

Caitlin Condon

CVE-2021-43287 Allows Pre-Authenticated Build Takeover of GoCD Pipelines

Exposure Management

CVE-2021-43287 Allows Pre-Authenticated Build Takeover of GoCD Pipelines

Caitlin Condon

GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild

Exposure Management

GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild

Jake Baines

2022 Planning: Designing Effective Strategies to Manage Supply Chain Risk

Exposure Management

2022 Planning: Designing Effective Strategies to Manage Supply Chain Risk

Jesse Mack

Apache HTTP Server CVE-2021-41773 Exploited in the Wild

Exposure Management

Apache HTTP Server CVE-2021-41773 Exploited in the Wild

Caitlin Condon

Active Exploitation of Confluence Server & Confluence Data Center: CVE-2021-26084

Exposure Management

Active Exploitation of Confluence Server & Confluence Data Center: CVE-2021-26084

Caitlin Condon

ProxyShell: More Widespread Exploitation of Microsoft Exchange Servers

Exposure Management

ProxyShell: More Widespread Exploitation of Microsoft Exchange Servers

Caitlin Condon

Popular Attack Surfaces, August 2021: What You Need to Know

Exposure Management

Popular Attack Surfaces, August 2021: What You Need to Know

Glenn Thorpe

PetitPotam: Novel Attack Chain Can Fully Compromise Windows Domains

Exposure Management

PetitPotam: Novel Attack Chain Can Fully Compromise Windows Domains

Caitlin Condon

CVE-2021-34527 PrintNightmare: What You Need to Know

Exposure Management

CVE-2021-34527 PrintNightmare: What You Need to Know

Erick Galinkin

CVE-2021-21985: What You Need To Know About the Latest Critical vCenter Server Vulnerability

Exposure Management

CVE-2021-21985: What You Need To Know About the Latest Critical vCenter Server Vulnerability

Caitlin Condon

VMware ESXi OpenSLP Remote Code Execution Vulnerability (CVE-2020-3992 and CVE-2019-5544): What You Need To Know

Exposure Management

VMware ESXi OpenSLP Remote Code Execution Vulnerability (CVE-2020-3992 and CVE-2019-5544): What You Need To Know

boB Rudis

CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know

Vulnerabilities and Exploits

CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know

Caitlin Condon

Q&A from June 2020 Customer Webcast on InsightVM Custom Policy Builder

Exposure Management

Q&A from June 2020 Customer Webcast on InsightVM Custom Policy Builder

Rapid7

Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350): What You Need to Know

Threat Research

Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350): What You Need to Know

boB Rudis