Back to Blog

Posts tagged Emergent Threat Response

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

Vulnerabilities and Exploits

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

Rapid7's avatar

Rapid7

Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators

Detection and Response

Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators

Rapid7's avatar

Rapid7

Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise

Exposure Management

Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise

Caitlin Condon's avatar

Caitlin Condon

CVE-2024-3400: Critical Command Injection Vulnerability in Palo Alto Networks Firewalls

Exposure Management

CVE-2024-3400: Critical Command Injection Vulnerability in Palo Alto Networks Firewalls

Caitlin Condon's avatar

Caitlin Condon

Backdoored XZ Utils (CVE-2024-3094)

Vulnerabilities and Exploits

Backdoored XZ Utils (CVE-2024-3094)

Rapid7's avatar

Rapid7

CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)

Threat Research

CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)

Rapid7's avatar

Rapid7

High-Risk Vulnerabilities in ConnectWise ScreenConnect

Threat Research

High-Risk Vulnerabilities in ConnectWise ScreenConnect

Rapid7's avatar

Rapid7

RCE to Sliver: IR Tales from the Field

Threat Research

RCE to Sliver: IR Tales from the Field

Rapid7's avatar

Rapid7

Critical Fortinet FortiOS CVE-2024-21762 Exploited

Threat Research

Critical Fortinet FortiOS CVE-2024-21762 Exploited

Rapid7's avatar

Rapid7

CVE-2024-0204: Critical Authentication Bypass in Fortra GoAnywhere MFT

Threat Research

CVE-2024-0204: Critical Authentication Bypass in Fortra GoAnywhere MFT

Caitlin Condon's avatar

Caitlin Condon

Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server

Threat Research

Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server

Rapid7's avatar

Rapid7

Zero-Day Exploitation of Ivanti Connect Secure and Policy Secure Gateways

Threat Research

Zero-Day Exploitation of Ivanti Connect Secure and Policy Secure Gateways

Caitlin Condon's avatar

Caitlin Condon

CVE-2023-49103 - Critical Information Disclosure in ownCloud Graph API

Vulnerabilities and Exploits

CVE-2023-49103 - Critical Information Disclosure in ownCloud Graph API

Stephen Fewer's avatar

Stephen Fewer

CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest

Vulnerabilities and Exploits

CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest

Caitlin Condon's avatar

Caitlin Condon

Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518

Vulnerabilities and Exploits

Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518

Rapid7's avatar

Rapid7

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

Vulnerabilities and Exploits

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

Rapid7's avatar

Rapid7

CVE-2023-4966: Exploitation of Citrix NetScaler Information Disclosure Vulnerability

Vulnerabilities and Exploits

CVE-2023-4966: Exploitation of Citrix NetScaler Information Disclosure Vulnerability

Rapid7's avatar

Rapid7

CVE-2023-20198: Active Exploitation of Cisco IOS XE Zero-Day Vulnerability

Vulnerabilities and Exploits

CVE-2023-20198: Active Exploitation of Cisco IOS XE Zero-Day Vulnerability

Caitlin Condon's avatar

Caitlin Condon

CVE-2023-22515: Zero-Day Privilege Escalation in Confluence Server and Data Center

Vulnerabilities and Exploits

CVE-2023-22515: Zero-Day Privilege Escalation in Confluence Server and Data Center

Caitlin Condon's avatar

Caitlin Condon

Critical Vulnerabilities in WS_FTP Server

Threat Research

Critical Vulnerabilities in WS_FTP Server

Caitlin Condon's avatar

Caitlin Condon

Exploitation of Juniper Networks SRX Series and EX Series Devices

Exposure Management

Exploitation of Juniper Networks SRX Series and EX Series Devices

Ron Bowes's avatar

Ron Bowes