Posts tagged Research

The Ransomware Killchain

How does a machine go from one that's working perfectly fine to one that's inoperable due to ransomware? This post takes a close look.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 9/10/21

Confluence Server OGNL Injection Our own wvu along with Jang [https://twitter.com/testanull] added a module that exploits an OGNL injection (CVE-2021-26804 [https://attackerkb.com/topics/Eu74wdMbEL/cve-2021-26084-confluence-server-ognl-injection] )in Atlassian Confluence's WebWork component to execute commands as the Tomcat user. CVE-2021-26804 is a critical remote code execution vulnerability in Confluence Server and Confluence Data Center and is actively being exploited in the wild. Initial di

8 min Ransomware

The Rise of Disruptive Ransomware Attacks: A Call To Action

Ransomware attacks are on the rise. In this post, we examine the dynamics of this trend and where it might be headed.

2 min Cloud Security

Cloud Challenges in the Age of Remote Work: Rapid7’s 2021 Cloud Misconfigurations Report

The cloud has increased innovation, but it’s also impacted security risks. Our 2021 Cloud Misconfigurations Report takes a closer look at those risks.

4 min Cloud Security

SANS Experts: 4 Emerging Enterprise Attack Techniques

According to a report from the SANS Institute, the new wave of attack techniques isn't on the horizon — it’s here.

4 min Vulnerability Disclosure

CVE-2021-3927[67]: Fortress S03 WiFi Home Security System Vulnerabilities

Rapid7 researcher Arvind Vishwakarma discovered multiple vulnerabilities in the Fortress S03 WiFi Home Security System.

2 min Metasploit

Metasploit Wrap-Up 8/6/21

Desert heat (not the 1999 film) This week was more quiet than normal with Black Hat USA and DEF CON, but that didn’t stop the team from delivering some small enhancements and bug fixes! We are also excited to see two new modules #15519 [https://github.com/rapid7/metasploit-framework/pull/15519] and #15520 [https://github.com/rapid7/metasploit-framework/pull/15520] from researcher Jacob Baines’ [https://twitter.com/Junior_Baines] DEF CON talk Bring Your Own Print Driver Vulnerability [https://

8 min Ransomware

Slot Machines and Cybercrime: Why Ransomware Won't Quit Pulling Our Lever

Ransomware remains a significant problem, partly because the incentives for everyone, including victims, are there to increase the number of ransomware attacks.

4 min Metasploit

Metasploit Wrap-Up: Jul. 23, 2021

Now I Control Your Resource Planning Servers Sage X3 is a resource planning product designed by Sage Group which is designed to help established businesses plan out their business operations. But what if you wanted to do more than just manage resources? What if you wanted to hijack the resource server itself? Well wait no more, as thanks to the work of Aaron Herndon [https://www.linkedin.com/in/aaron-herndon-54079b5a/], Jonathan Peterson [https://www.linkedin.com/in/jonathan-p-004b76a1/], Will

2 min Research

Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Deutsche Börse Prime Standard

Rapid7 just released the third in our Industry Cyber-Exposure Report (ICER) series. We've slimmed down our research and reporting style, and this series focuses on five areas we believe that CISOs at mega-corporations actually have a shot at accomplishing.

8 min Vulnerability Disclosure

Akkadian Provisioning Manager Multiple Vulnerabilities Disclosure (Fixed)

Researchers discovered a trio of vulnerabilities in the Akkadian Provisioning Manager version 4.50.18.

4 min Vulnerability Disclosure

CVE-2021-3198 and CVE-2021-3540: MobileIron Shell Escape Privilege Escalation Vulnerabilities

Discovered by Rapid7 researcher William Vu, Ivanti MobileIron Core versions 10.7.0.1-9 and 11.0.0.1-3 suffer from 2 restricted-shell escape vulnerabilities.

6 min CISOs

Rapid7's 2021 ICER Takeaways: Vulnerability Disclosure Programs Among the Fortune 500

We rely on fantastically advanced technology in every aspect of our modern lives. Of course, anyone who has spent any time analyzing these technologies will notice that we are routinely bedeviled with vulnerabilities, especially when it comes to the internet.

1 min Research

Rapid7 Releases New Industry Cyber-Exposure Report (ICER): FTSE 350

We are excited to release the second report in our Industry Cyber-Exposure Report (ICER) series, which digs into cyber-exposure among organizations in the U.K.’s FTSE 350.

3 min Vulnerability Disclosure

CVE-2021-26908 and CVE-2021-26909: Automox Agent Information Disclosure (FIXED)

Rapid7 researcher Danny Jordan discovered two vulnerabilities in the Automox Agent for Windows and macOS.