3 min
Metasploit
Metasploit Wrap-Up
GitLab RCE
New Rapid7 team member jbaines-r7 [https://github.com/jbaines-r7] wrote an
exploit targeting GitLab via the ExifTool command. Exploiting this vulnerability
results in unauthenticated remote code execution as the git user. What makes
this module extra neat is the fact that it chains two vulnerabilities together
to achieve this desired effect. The first vulnerability is in GitLab itself that
can be leveraged to pass invalid image files to the ExifTool parser which
contained the second v
6 min
IoT
Hands-On IoT Hacking: Rapid7 at DefCon 29 IoT Village, Part 3
The goal in this next phase of the IoT hacking exercise is to turn the console back on.
12 min
Malware
Sneaking Through Windows: Infostealer Malware Masquerades as Windows Application
Rapid7's Managed Detection and Response (MDR) team recently identified a malware campaign whose payload installs itself as a Windows application.
6 min
Research
Hands-On IoT Hacking: Rapid7 at DefCon IoT Village, Part 2
In part 2 of our series on Rapid7's IoT hacking exercise from DefCon 29, we look at how to determine whether the header we created is UART.
3 min
Research
Recog: Data Rules Everything Around Me
Rapid7 has updated the recog framework to help solve the conundrum of content versus code.
5 min
2022 Planning
2022 Planning: Designing Effective Strategies to Manage Supply Chain Risk
Rapid7 experts spoke with a group of industry panelists about the challenges of supply chain security and how their organizations are tackling them.
4 min
Research
Hands-On IoT Hacking: Rapid7 at DefCon IoT Village, Part 1
At this year's DefCon IoT Village, Rapid7 ran a hands-on hardware hacking exercise that exposed attendees to concepts and methods for IoT hacking.
6 min
Research
For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy
When it comes to the state of patching for recent Exchange Server vulnerabilities, the picture is more incomplete than you'd think.
5 min
Ransomware
The Ransomware Killchain: How It Works, and How to Protect Your Systems
How does a machine go from one that's working perfectly fine to one that's inoperable due to ransomware? This post takes a close look.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up
Confluence Server OGNL Injection
Our own wvu [https://github.com/wvu-r7] along with Jang
[https://twitter.com/testanull] added a module that exploits an OGNL injection (
CVE-2021-26804
[https://attackerkb.com/topics/Eu74wdMbEL/cve-2021-26084-confluence-server-ognl-injection]
)in Atlassian Confluence's WebWork component to execute commands as the Tomcat
user. CVE-2021-26804 is a critical remote code execution vulnerability in
Confluence Server and Confluence Data Center and is actively being expl
8 min
Ransomware
The Rise of Disruptive Ransomware Attacks: A Call To Action
Ransomware attacks are on the rise. In this post, we examine the dynamics of this trend and where it might be headed.
2 min
Cloud Security
Cloud Challenges in the Age of Remote Work: Rapid7’s 2021 Cloud Misconfigurations Report
The cloud has increased innovation, but it’s also impacted security risks. Our 2021 Cloud Misconfigurations Report takes a closer look at those risks.
6 min
Vulnerability Disclosure
CVE-2021-3546[78]: Akkadian Console Server Vulnerabilities (FIXED)
Rapid7 researchers discovered that the Akkadian Console version 4.7, a call manager solution, is affected by two vulnerabilities.
4 min
Vulnerability Disclosure
CVE-2021-3927[67]: Fortress S03 WiFi Home Security System Vulnerabilities
Rapid7 researcher Arvind Vishwakarma discovered multiple vulnerabilities in the Fortress S03 WiFi Home Security System.
2 min
Metasploit
Metasploit Wrap-Up
Desert heat (not the 1999 film)
This week was more quiet than normal with Black Hat USA and DEF CON, but that
didn’t stop the team from delivering some small enhancements and bug fixes! We
are also excited to see two new modules #15519
[https://github.com/rapid7/metasploit-framework/pull/15519] and #15520
[https://github.com/rapid7/metasploit-framework/pull/15520] from researcher
Jacob Baines’ [https://twitter.com/Junior_Baines] DEF CON talk Bring Your Own
Print Driver Vulnerability [https://