3 min
InsightAppSec
Solving the Access Goldilocks Problem: RBAC for InsightAppSec Is Here
Role-Based Access Control (RBAC) lets you flexibly provide the right levels of access to InsightAppSec for each role on your security team.
2 min
Vulnerability Disclosure
R7-2017-03: Improper Access Control of Fuze Meeting Recordings (FIXED)
This post describes a security vulnerability
[https://www.rapid7.com/fundamentals/vulnerabilities-exploits-threats/] in the
Fuze collaboration platform, and the mitigation steps that have been taken to
correct the issue. The Fuze collaboration platform did not require
authentication to access meeting recordings (CWE-284
[https://cwe.mitre.org/data/definitions/284.html]). Shortly after being informed
of this issue, Fuze disabled public access to all recorded meetings, and
implemented user-configu
4 min
Skills
Are You Enabling Corporate Espionage?
While I was flipping through some news stories the other day, a small headline
appeared that piqued my interest
[http://www.darkreading.com/attacks-breaches/former-st-louis-cardinals-exec-pleads-guilty-to-cyber-espionage-charges/d/d-id/1323824?_mc=RSS_DR_EDT].
The headline reads: "Former St. Louis Cardinals Exec Pleads Guilty To Cyber
Espionage Charges"
Cyber espionage… in baseball? That was too intriguing to pass up!
It essentially describes this: employees from one club, the St Louis Cardina