Posts tagged Research

CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability: What You Need to Know

Vulnerabilities and Exploits

CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability: What You Need to Know

boB Rudis

Rapid7 Analysis: CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability

Threat Research

Rapid7 Analysis: CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability

Rapid7 Labs

Rapid7 Analysis: CVE-2020-1350 Windows DNS Server Remote Code Execution (SigRed)

Threat Research

Rapid7 Analysis: CVE-2020-1350 Windows DNS Server Remote Code Execution (SigRed)

Rapid7 Labs

Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350): What You Need to Know

Threat Research

Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350): What You Need to Know

boB Rudis

Rapid7 Analysis: CVE-2020-6287: Critical Vulnerability in SAP NetWeaver Application Server (AS) Java

Threat Research

Rapid7 Analysis: CVE-2020-6287: Critical Vulnerability in SAP NetWeaver Application Server (AS) Java

Rapid7 Labs

Rapid7 Analysis: CVE-2020-2034 — PAN-OS: OS command injection vulnerability in GlobalProtect portal

Threat Research

Rapid7 Analysis: CVE-2020-2034 — PAN-OS: OS command injection vulnerability in GlobalProtect portal

Rapid7 Labs

Rapid7 Analysis: CVE-2020-5902 — TMUI RCE vulnerability

Threat Research

Rapid7 Analysis: CVE-2020-5902 — TMUI RCE vulnerability

Rapid7 Labs

CVE-2020-2021 Authentication Bypass in PAN-OS Security Assertion Markup Language (SAML) Authentication Disclosed

Vulnerabilities and Exploits

CVE-2020-2021 Authentication Bypass in PAN-OS Security Assertion Markup Language (SAML) Authentication Disclosed

boB Rudis

Rapid7 Analysis: CVE-2020-2021 PAN-OS: Authentication Bypass in SAML Authentication

Threat Research

Rapid7 Analysis: CVE-2020-2021 PAN-OS: Authentication Bypass in SAML Authentication

Rapid7 Labs

Building a Printed Circuit Board Probe Testing Jig

Detection and Response

Building a Printed Circuit Board Probe Testing Jig

Deral Heiland

Rapid7 Quarterly Threat Report: 2020 Q1

Threat Research

Rapid7 Quarterly Threat Report: 2020 Q1

Tod Beardsley

The Masked SYNger: Investigating a Traffic Phenomenon

Threat Research

The Masked SYNger: Investigating a Traffic Phenomenon

matthew berninger

CVE-2020-12271: Sophos XG Firewall Pre-Auth SQL Injection Vulnerability Remediation Guidance and Exposure Overview

Vulnerabilities and Exploits

CVE-2020-12271: Sophos XG Firewall Pre-Auth SQL Injection Vulnerability Remediation Guidance and Exposure Overview

boB Rudis

Meet AttackerKB

Threat Research

Meet AttackerKB

Caitlin Condon

Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)

Detection and Response

Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)

Tom Sellers

CVE-2020-0796: Microsoft SMBv3 Remote Code Execution Vulnerability Analysis

Threat Research

CVE-2020-0796: Microsoft SMBv3 Remote Code Execution Vulnerability Analysis

Bryce Abdo

Rapid7 2020 Threat Report: Exposing Common Attacker Trends

Threat Research

Rapid7 2020 Threat Report: Exposing Common Attacker Trends

Tod Beardsley

How We Used Data Science Magic to Predict Key RSA 2020 Themes and Takeaways

Security Operations

How We Used Data Science Magic to Predict Key RSA 2020 Themes and Takeaways

Mark Hamill

DOUBLEPULSAR over RDP: Baselining Badness on the Internet

Threat Research

DOUBLEPULSAR over RDP: Baselining Badness on the Internet

Tom Sellers

DOUBLEPULSAR RCE 2: An RDP Story

Products and Tools

DOUBLEPULSAR RCE 2: An RDP Story

William Vu

Active Exploitation of Citrix NetScaler (CVE-2019-19781): What You Need to Know

Threat Research

Active Exploitation of Citrix NetScaler (CVE-2019-19781): What You Need to Know

Derek Abdine