Posts tagged Research

5 min Cybersecurity

2022 Planning: Designing Effective Strategies to Manage Supply Chain Risk

Rapid7 experts spoke with a group of industry panelists about the challenges of supply chain security and how their organizations are tackling them.

4 min Research

Hands-On IoT Hacking: Rapid7 at DefCon IoT Village, Part 1

At this year's DefCon IoT Village, Rapid7 ran a hands-on hardware hacking exercise that exposed attendees to concepts and methods for IoT hacking.

6 min Research

For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy

When it comes to the state of patching for recent Exchange Server vulnerabilities, the picture is more incomplete than you'd think.

5 min Ransomware

The Ransomware Killchain: How It Works, and How to Protect Your Systems

How does a machine go from one that's working perfectly fine to one that's inoperable due to ransomware? This post takes a close look.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Confluence Server OGNL Injection: Our own wvu [https://github.com/wvu-r7] along with Jang [https://twitter.com/testanull] added a module that exploits an OGNL injection (CVE-2021-26804 [https://attackerkb.com/topics/Eu74wdMbEL/cve-2021-26084-confluence-server-ognl-injection]) in Atlassian Confluence's WebWork component to execute commands as the Tomcat user. CVE-2021-26804 is a critical remote code execution vulnerability in Confluence Server and Confluence Data Center and is actively being expl

8 min Ransomware

The Rise of Disruptive Ransomware Attacks: A Call To Action

Ransomware attacks are on the rise. In this post, we examine the dynamics of this trend and where it might be headed.

2 min Cloud Security

Cloud Challenges in the Age of Remote Work: Rapid7’s 2021 Cloud Misconfigurations Report

The cloud has increased innovation, but it’s also impacted security risks. Our 2021 Cloud Misconfigurations Report takes a closer look at those risks.

6 min Vulnerability Disclosure

CVE-2021-3546[78]: Akkadian Console Server Vulnerabilities (FIXED)

Rapid7 researchers discovered that the Akkadian Console version 4.7, a call manager solution, is affected by two vulnerabilities.

4 min Vulnerability Disclosure

CVE-2021-3927[67]: Fortress S03 WiFi Home Security System Vulnerabilities

Rapid7 researcher Arvind Vishwakarma discovered multiple vulnerabilities in the Fortress S03 WiFi Home Security System.

2 min Metasploit

Metasploit Wrap-Up

Desert heat (not the 1999 film): This week was more quiet than normal with Black Hat USA and DEF CON, but that didn’t stop the team from delivering some small enhancements and bug fixes! We are also excited to see two new modules #15519 [https://github.com/rapid7/metasploit-framework/pull/15519] and #15520 [https://github.com/rapid7/metasploit-framework/pull/15520] from researcher Jacob Baines’ [https://twitter.com/Junior_Baines] DEF CON talk Bring Your Own Print Driver Vulnerability [https://

3 min Virtual Vegas

Black Hat 2021: Rapid7 Experts Share Key Day 2 Takeaways

Here we are again, back for another day of Rapid7 expert debriefings and analysis for some of the most talked-about Black Hat sessions of this year.

8 min Ransomware

Slot Machines and Cybercrime: Why Ransomware Won't Quit Pulling Our Lever

Ransomware remains a significant problem, partly because the incentives for everyone, including victims, are there to increase the number of ransomware attacks.

3 min Virtual Vegas

Black Hat 2021: Rapid7 Experts Share Key Day 1 Takeaways

OK, no big deal, we know how this goes. Once again, many of us are attending Black Hat [https://www.blackhat.com/us-21/] in a virtual capacity as COVID-19 meanders its way out of our lives. The good news is that there’s an actual live component again this year in Las Vegas, and that’s progress. Here’s hoping that next year the pandemic will be more firmly in the rearview and any remaining travel trepidation will be a “2021 thing.” So flip the on-switch to some neon lights if you got ‘em, and l

5 min Emergent Threat Response

PetitPotam: Novel Attack Chain Can Fully Compromise Windows Domains Running AD CS

Late last month (July 2021), security researcher Topotam published a proof-of-concept (PoC) implementation of a novel NTLM relay attack christened “PetitPotam.”

4 min Metasploit

Metasploit Wrap-Up

Now I Control Your Resource Planning Servers: Sage X3 is a resource planning product from Sage Group, designed to help established businesses plan out their business operations. But what if you wanted to do more than just manage resources? What if you wanted to hijack the resource server itself? Well, wait no more, as thanks to the work of Aaron Herndon [https://www.linkedin.com/in/aaron-herndon-54079b5a/], Jonathan Peterson [https://www.linkedin.com/in/jonathan-p-004b76a1/], Will