2 min
Emergent Threat Response
SolarWinds Patches Four New Vulnerabilities in Their Orion Platform
SolarWinds released fixes for 4 new vulnerabilities in their Orion platform, the most severe of which is an authenticated RCE flaw due to a JSON deserialization weakness.
Read Full Post
5 min
News
F5 Discloses Eight Vulnerabilities—Including Four Critical Ones—in BIG-IP Systems
On March 10, 2021, F5 disclosed eight vulnerabilities, four of which are deemed "critical."
Read Full Post
2 min
Research
Introducing the 2020 Vulnerability Intelligence Report: 50 CVEs that Made Headlines in 2020
Our 2020 Vulnerability Intelligence Report examines 50 vulnerabilities from 2020 to highlight exploitation patterns, explore attacker use cases, and offer a practical framework for understanding new threats.
Read Full Post
9 min
Vulnerability Management
Patch Tuesday - March 2021
Another Patch Tuesday (2021-Mar
[https://msrc.microsoft.com/update-guide/releaseNote/2021-Mar]) is upon us and
with this month comes a whopping 122 CVEs. As usual Windows tops the list of
the most patched product. However, this month it’s browser vulnerabilities
taking the second place, outnumbering Office vulnerabilities 3:1! Lastly, the
Exchange Server vulnerabilities this month are not to be ignored as more than
half of them have been seen exploited in the wild.
Vulnerability Breakdown by S
Read Full Post
3 min
Cloud Security
How to Keep Up With Vulnerability Management Challenges in Ephemeral Cloud Environments
The modern perspective is that the cloud has made it much easier to have visibility of your attack surface and everything you’re working with.
Read Full Post
4 min
News
Mass Exploitation of Exchange Server Zero-Day CVEs: What You Need to Know
On March 2, Microsoft released details on an active state-sponsored threat campaign exploiting four zero-day vulnerabilities in on-premises instances of Microsoft Exchange Server.
Read Full Post
4 min
Vulnerability Management
Building a Holistic VRM Strategy That Includes the Web Application Layer
Co-sponsored by Forrester, a recent Rapid7 webcast expounds upon the topics discussed in this blog post.
Read Full Post
2 min
News
VMware vCenter Server CVE-2021-21972 Remote Code Execution Vulnerability: What You Need to Know
On Feb. 23, 2021, VMware published an advisory describing three weaknesses affecting VMware ESXi, VMware vCenter Server, and VMware Cloud Foundation.
Read Full Post
4 min
Vulnerability Management
Take the Full-Stack Approach to Securing Your Modern Attack Surface
Let’s take a more in-depth look at modern vulnerability risk management (VRM) and what to look for in a holistic solution.
Read Full Post
4 min
InsightVM
New InsightVM Dashboard Helps You Discover Significant Changes in Your Environment from the Past 30 Days
Organizations are in a constant struggle to identify and reduce risks in their constantly changing environments
Read Full Post
4 min
Vulnerability Disclosure
CVE-2021-22652: Advantech iView Missing Authentication RCE (FIXED)
Advantech iView versions prior to 5.7.03.6112 suffer from an instance of "CWE-306: Missing Authentication For Critical Function."
Read Full Post
7 min
Vulnerability Management
Patch Tuesday - February 2021
The second Patch Tuesday of 2021 is relatively light on the vulnerability count,
with 64 CVEs being addressed across the majority of Microsoft’s product
families. Despite that, there’s still plenty to discuss this month.
Vulnerability Breakdown by Software Family
FamilyVulnerability CountWindows28ESU14Microsoft Office11Browser9Developer Tools
8Microsoft Dynamics2Exchange Server2Azure2System Center2Exploited and Publicly
Disclosed Vulnerabilities
One zero-day was announced: CVE-2021-1732
[https:
Read Full Post
2 min
News
Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products
Cisco has released security updates to address vulnerabilities in most of their product portfolio.
Read Full Post
3 min
News
SonicWall SNWLID-2021-0001 Zero-Day and SolarWinds’ 2021 CVE Trifecta: What You Need to Know
2021 continues to deliver with an unpatched zero-day exposure in some SonicWall appliances and three moderate-to-critical CVEs in SolarWinds software.
Read Full Post
2 min
Vulnerability Management
Vulnerability Scanning With the Metasploit Remote Check Service (Beta Release)
InsightVM and Nexpose customers can now harness the power of the Metasploit community to assess their exposure to the latest threats.
Read Full Post
1 min
Vulnerability Management
Upcoming Rapid7 Webcast: How Far Does Your VRM Strategy Go?
Web applications have been growing in complexity over the past several years, while also becoming the preferred method for attackers looking to capitalize.
Read Full Post
7 min
Vulnerability Management
Patch Tuesday - January 2021
We arrive at the first Patch Tuesday of 2021 (2021-Jan
[https://msrc.microsoft.com/update-guide/releaseNote/2021-Jan]) with 83
vulnerabilities across our standard spread of products. Windows Operating
System vulnerabilities dominated this month's advisories, followed by Microsoft
Office (which includes the SharePoint family of products), and lastly some from
less frequent products such as Microsoft System Center and Microsoft SQL Server.
Vulnerability Breakdown by Software Family
FamilyVulnera
Read Full Post
4 min
InsightVM
What’s New in InsightVM: Q4 2020 in Review
Here’s our roundup of the new and improved InsightVM features we’ve updated in Q4 2020.
Read Full Post
4 min
DevSecOps
Shifting Security Right: How Cloud-Based SecOps Can Speed Processes While Maintaining Integrity
Let’s take a look at some key insights on current industry efforts to more closely integrate DevOps and SecOps—and how you can plot your best path forward.
Read Full Post
3 min
InsightVM
Set New InsightVM Goals and Share with Your Team for Increased Visibility and More Efficient Execution
Since 2018, thousands of enterprises have utilized InsightVM’s Goals and SLAs feature to build their organization-specific security goals.
Read Full Post
3 min
InsightVM
How to Gain Visibility Into Audit Logs for Policy Customization in InsightVM
In this blog, we will be focusing on a simple use case that enables your organization to achieve greater visibility into your policy customization process.
Read Full Post
4 min
Vulnerability Management
The Risky Business: Rapid7 Report Highlights Need for Improved Vulnerability Management Practices
Based on the assessment of 24 service protocols, Rapid7’s NICER revealed key insights about the current state of the internet.
Read Full Post
7 min
News
SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know
On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform.
Read Full Post
2 min
InsightVM
InsightVM Now Integrates With Snyk for Deep Visibility Into Container Vulnerabilities
We're excited to announce that InsightVM now integrates with Synk for deep visibility into container vulnerabilities.
Read Full Post
2 min
InsightVM
New All Apps and Asset Report Combines Power of InsightVM and InsightAppSec for Boosted Visibility
When speaking with customers, we continue to hear that they are looking for more visibility into their vulnerability risk management activities.
Read Full Post
6 min
Vulnerability Management
Patch Tuesday - December 2020
We close off our 2020 year of Patch Tuesdays with 58 vulnerabilities being
addressed. While it's a higher count than our typical December months (high
thirties), it's still a nice breath of fresh air given how the past year has
been. We do, however, get to celebrate that none of the reported vulnerabilities
covered this month has been publicly exploited nor previously publicly disclosed
and only 9 of the 58 vulnerabilities have been marked as Critical by Microsoft.
In terms of actionables, stan
Read Full Post
5 min
Under the Hoodie
2020 Under the Hoodie Report Reveals Pen Testers’ Most-Loved Vulnerabilities
Understanding the vulnerabilities that pen testers rely on will help you make sure your organization is prepared to patch particular vulnerabilities.
Read Full Post
6 min
InsightVM
How to Create an OS-Based Policy Scanning Workflow in InsightVM
In this blog, we provide a step-by-step walkthrough of how to create an OS-based policy scanning workflow in InsightVM.
Read Full Post
3 min
Vulnerability Management
Threat and Vulnerability Management Best Practices
In this blog post, we provide a high-level overview of vulnerability management and why it’s critical for modern businesses.
Read Full Post
3 min
Vulnerability Management
Defining Vulnerability Risk Management (and How to Build a Modern VRM Program)
Once upon a time (just a handful of years ago), vulnerability management
[https://www.rapid7.com/solutions/vulnerability-management/] programs focused
solely on servers, running quarterly scans that targeted only critical systems.
But that was then, and you can’t afford such a limited view in the now. Truth
is, vulnerability exploitation now happens indiscriminately across the modern
attack surface—from local and remote endpoints to on-prem and cloud
infrastructure to web applications and con
Read Full Post
2 min
InsightVM
What’s New in InsightVM: Q3 2020 in Review
Here at Rapid7, we’re pretty proud of the work that goes into keeping InsightVM a leader in the vulnerability risk management space.
Read Full Post
3 min
Vulnerability Management
Patch Tuesday - November 2020
Jumping right back to a triple digit volume of vulnerabilities resolved,
Microsoft covers 112 CVEs this November affecting products ranging from our
standard Windows Operating Systems and Microsoft Office products to some new
entries such as Azure Sphere.
Microsoft CVE-2020-17087: Windows Kernel Local Elevation of Privilege
Vulnerability
[https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17087]
Coming as no surprise to anyone, the previously disclosed CVE-2020-17087
zero-day
Read Full Post
2 min
News
SaltStack Pre-Authenticated Remote Root (CVE-2020-16846 and CVE-2020-25592): What You Need to Know
When combined, a new pair of SaltStack vulnerabilities can result in unauthenticated remote root access on a target system.
Read Full Post
3 min
Vulnerability Management
Oracle WebLogic Unauthenticated Complete Takeover (CVE-2020-14882/CVE-2020-14750): What You Need to Know
Attackers opting for tricks instead of treats this week as they seek out and attempt to compromise internet-facing WebLogic servers that are vulnerable to CVE-2020-14882.
Read Full Post
7 min
Vulnerability Management
Trick or Treat! What We Can Learn from the Spookiest Vulnerabilities of the Year
We put together a list of some of the scariest vulnerabilities of the year and the remediation solutions that can help you stay on guard in the future.
Read Full Post
2 min
InsightVM
Rapid7 Announces Improvements to Goals and SLAs in InsightVM
We’re excited to announce that creating a goal or SLA in InsightVM just became a lot simpler.
Read Full Post
14 min
InsightVM
Scan Template Best Practices in InsightVM
This blog post will give you a ballpark best practice that applies to the majority of environments, as well as some descriptions that outline the thought process, math, and reasoning.
Read Full Post
9 min
Vulnerability Disclosure
Vulntober: Multiple Mobile Browser Address Bar Spoofing Vulnerabilities
Today, we're announcing a coordinated vulnerability disclosure on a set of address bar spoofing vulnerabilities that affect a number of mobile browsers.
Read Full Post
1 min
InsightVM
Fewer False Alarms, Faster Reporting: InsightVM Introduces New One-Click Fix For False Positives
Let’s talk false positives. They’re frustrating and faulty to anyone in security. The good news? We’ve added even more ways to reduce the noise they cause.
Read Full Post
3 min
Vulnerability Management
There Goes The Neighborhood: Dealing With CVE-2020-16898 (and CVE-2020-1656) (aka"Bad Neighbor")
Microsoft released a patch for BSoD + RCE CVE-2020-16898 ("Bad Neighbor") in the October 2020 Patch Tuesday vulnerability disclosures along with Juniper releasing CVE-2020-1656 the same week.
Read Full Post
4 min
Vulnerability Management
Patch Tuesday - October 2020
Microsoft brings us an October's Update Tuesday with 87 vulnerabilities, a
sub-100 number we haven't experienced in quite some time. To further add to this
oddity, there are no Browser-based vulnerabilities to mention and the arrival of
a new Adobe Flash vulnerability CVE-2020-9746
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200012].
Despite this month's lower numbers, there are some precautions we should all
take to remediate our environments quickly and effectively.
Read Full Post
4 min
InsightVM
How InsightVM Helps You Save Time and Prove Value
In this post, we’ll cover how InsightVM helps teams tackle operational challenges, maximize resources, and prove the value and ROI of their efforts.
Read Full Post
3 min
Vulnerability Management
Why Every Organization Needs a Vulnerability Management Policy
In this blog post, we will discuss why vulnerability management is critical for any organization looking to reduce risk.
Read Full Post
2 min
News
HP Device Manager Cavalcade of Critical CVEs (CVE-2020-6925:6927): What You Need to Know
HP released a security bulletin on Sept. 25, 2020, disclosing a set of vulnerabilities in HP Device Manager.
Read Full Post
5 min
Research
Microsoft Exchange 2010 End of Support and Overall Patching Study
Today's topic is Exchange 2010, which reaches end of support (EoS) on Oct. 13, 2020, as well as a survey of other versions of Exchange and how well they are being kept up-to-date.
Read Full Post
3 min
InsightVM
Decentralize Remediation Efforts to Gain More Efficiency with InsightVM
We’re excited to introduce you to two new InsightVM product updates to help you further reduce friction, save time, and gain greater efficiency.
Read Full Post
2 min
Vulnerability Management
CVE-2020-1472 "Zerologon" Critical Privilege Escalation: What You Need To Know
CVE-2020-1472 is a critical privilege escalation vulnerability that can yield an attacker full takeover of an affected network. Here's what you need to know.
Read Full Post
3 min
Vulnerability Management
Vulnerability Remediation vs. Mitigation: What’s the Difference?
In this blog, we dive into better understanding the difference between vulnerability mitigation vs. remediation.
Read Full Post
4 min
InsightVM
How to Track and Remediate Default Account Vulnerabilities in InsightVM
In this blog post, we discuss older, lesser-known features that can still provide amazing value in your vulnerability management program using InsightVM.
Read Full Post
3 min
Vulnerability Management
Patch Tuesday - September 2020
129 Vulnerabilities Patched in Microsoft's September 2020 Update Tuesday
(2020-Sep Patch Tuesday)
Despite maintaining the continued high volume of vulnerabilities disclosed and
patched this month, Microsoft's 129-Vulnerability September 2020 Update Tuesday
is seemingly calm from an operations perspective -- at first glance.
While following standard procedures of scheduling the patching for Windows OSes
up front immediately closes the door against 60%+ of the vulnerabilities being
disclosed this
Read Full Post
3 min
InsightVM
How Three InsightVM Customers Scaled Their Vulnerability Management Programs with Rapid7
To run a VM program as a well-oiled machine, you need all the pieces in place, from visibility of all of your assets to effective reporting mechanisms.
Read Full Post
5 min
InsightVM
Automated External Sonar Scanning Workflow with InsightVM
In this blog post, we discuss an external scanning strategy that you will want to implement with your InsightVM deployment.
Read Full Post
4 min
Vulnerability Management
Patch Tuesday - August 2020
120 Vulnerabilities Patched in Microsoft's August 2020 Update Tuesday (2020-Aug
Patch Tuesday)
August 2020 brings along patches for 120 vulnerabilities within the standard set
of Microsoft products (Windows, Office, Browsers, and Developer Tools such as
.NET Framework, ASP.NET, and Visual Studio). Among the crowd are two
vulnerabilities: CVE-2020-1464
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464]
, and CVE-2020-1380
[https://portal.msrc.microsoft.com/en-US/s
Read Full Post
3 min
InsightVM
What’s New in InsightVM: H1 2020 in Review
Throughout the first half of the year, we released updates and features to help security teams work more effectively and efficiently in InsightVM.
Read Full Post
9 min
Virtual Vegas
Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 2 Sessions
Our Rapid7 experts attended another day of incredible talks, and have plenty of key takeaways and insights to share about their Virtual Vegas sessions.
Read Full Post
9 min
Virtual Vegas
Virtual Black Hat: Rapid7 Experts Share Key Takeaways from Day 1 Sessions
Even from home, it can be tough to catch what you want to see at Black Hat, so we had our experts do the work for you as part of our Virtual Vegas event.
Read Full Post
3 min
Vulnerability Management
Remote Code Execution Risks in Secomea, Moxa, and HMS eWon ICS VPN Vulnerabilities: What You Need to Know
On Wednesday, July 28, 2020, researchers at Claroty released information on a number of critical remote code execution vulnerabilities across products of three industrial control system (ICS) vendors’ — HMS, Secomea, and Moxa — remote access technologies.
Read Full Post
4 min
Vulnerability Management
Hear from Your Peers: Advice for Your First 90 Days Using a Vulnerability Management Solution
In a recent survey with InsightVM customers, we asked them to share their best tips for the first 90 days of using a vulnerability management solution.
Read Full Post
3 min
Vulnerability Management
CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal Vulnerability: What You Need to Know
On July 22, Cisco released a patch for a high-severity read-only patch traversal vulnerability in its Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products.
Read Full Post
5 min
InsightVM
Q&A from June 2020 Customer Webcast on InsightVM Custom Policy Builder
During our most recent webcast on InsightVM's Custom Policy Builder, we received a lot of great questions from attendees.
Read Full Post
3 min
Vulnerability Management
Patch Tuesday - July 2020
100+ vulnerabilities patched during Patch Tuesdays the new norm
Another 123 CVEs are covered this month from Microsoft for the 2020-Jul Patch
Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Jul]
. In addition to our usual suspects like Windows, Internet Explorer/Microsoft
Edge, and Microsoft Office this Patch Tuesday addresses several developer-type
tools such as .NET Framework, Visual Studio Code ESLint extension along with
various Open Source Software
Read Full Post
4 min
Vulnerability Management
Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350): What You Need to Know
On Tuesday, July 14, 2020, Microsoft released a patch for a 17-year-old remote code execution (RCE) vulnerability in Windows Domain Name System (DNS) servers discovered by Check Point researchers.
Read Full Post
4 min
Vulnerability Management
CVE-2020-6287: Critical Vulnerability in SAP NetWeaver Application Server (AS) Java
The new SAP vulnerability (RECON), a critical vulnerability affecting the SAP NetWeaver Application Server (AS) Java component LM Configuration Wizard, is a huge deal.
Read Full Post
3 min
Vulnerability Management
12 Most Exploited Vulnerabilities: How to Navigate Vulnerabilities in a Security Program
Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) laid out the 12 most exploited vulnerabilities since 2016.
Read Full Post
3 min
InsightVM
Gain a More Dynamic View: How to Connect Cloud Configuration Assessment in InsightVM to CloudTrail in AWS
Here, we will delve into how to enable Cloud Configuration Assessment to maintain a more dynamic view of an AWS account through integrating with CloudTrail.
Read Full Post
3 min
InsightVM
How to Use Custom Policy Builder to Customize Password Policies in InsightVM
In this post, we are going to focus on commonly used customizations for password policies by our customers.
Read Full Post
3 min
Customer Perspective
Customer Spotlight: How Amedisys CISO Proves Security’s Value to the Business
Richard Kaufmann, CISO of Amedisys, talks about the importance of measuring value in terms of business impact and successfully securing more budget.
Read Full Post
3 min
Security Nation
Advancements in Vulnerability Reporting in the Post-PGP Era: A Conversation with Art Manion
On this week’s episode of Security Nation, Art Manion of the CERT Coordination Center gets us up to speed on vulnerability analysis and management.
Read Full Post
3 min
Vulnerability Management
How to Approach Risk Management: Advice from Rapid7 Customers
Learn how these security professionals approach risk, and their best advice for others looking to better their approach to risk management.
Read Full Post
4 min
InsightVM
Introducing a New InsightVM Dashboard to Monitor External and Remote Workforce Assets in Your Environment
In order to help our customers better track their remote workforce and external assets, we are introducing a new customizable dashboard within InsightVM.
Read Full Post
5 min
Vulnerability Management
How Team Collaboration Can Help You Scale the Vulnerability Mountain
In this blog post, we’ll break down how to do this through team collaboration, key processes, and good security design.
Read Full Post
3 min
Vulnerability Management
Patch Tuesday - June 2020
June 2020's Microsoft Patch Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Jun]
gives us a whopping 129 CVEs patched (excluding Adobe Flash which addresses
CVE-2020-9633
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200010]
-- a high severity remote code execution vulnerability). While the consistently
high volume of vulnerabilities being addressed each month is alarming at times,
there is a sense of peace in the steps Micros
Read Full Post
3 min
Security Nation
Developing Sustainable Vulnerability Management with Katie Moussouris
On this week’s episode of Security Nation, we’re delighted to be joined by Katie Moussouris, CEO and Founder of Luta Security.
Read Full Post
5 min
InsightVM
Custom Policy Builder Is Now Available in InsightVM
In today’s policy customization post, we focus on Center for Internet Security (CIS) policies.
Read Full Post
3 min
InsightVM
Finding Flexibility in Your Vulnerability Management Solution
In this post, we’re sharing the three key areas of flexibility within InsightVM, and how this can benefit your vulnerability management initiatives.
Read Full Post
6 min
InsightVM
Q&A from April 2020 Customer Webcast on InsightVM Dashboards & Executive Summary Report
In this blog post, we wanted to address a number of commonly asked questions regarding InsightVM Dashboards.
Read Full Post
2 min
InsightVM
Rapid7’s InsightVM Receives Five Stars from SC Magazine
We’re proud to announce that Rapid7’s InsightVM solution was recently reviewed by SC Magazine and received a five-star report.
Read Full Post
2 min
Vulnerability Management
Patch Tuesday - May 2020
Microsoft's fifth Patch Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-May]
of the year brings us fixes for 111 different security issues, just a touch
under what we saw from them last month [/2020/04/14/patch-tuesday-april-2020/]
but still on the higher side of their typical volume. No 0-days to speak of, and
no vulnerabilities that had been publicly disclosed before today.
The bulk of this month's fixes, as well as most of the critical ones, are fo
Read Full Post
4 min
Vulnerability Management
Three Switching Costs to Consider When Evaluating a New Vulnerability Management Solution
If you’re looking to switch vulnerability management solutions, read on as we discuss three areas to consider and how to communicate them to leadership.
Read Full Post
4 min
Vulnerability Management
May 2020 Cisco Remote Vulnerabilities Guidance
Cisco has posted patches for 34 vulnerabilities on May 6, 2020, with half a dozen that require your immediate attention.
Read Full Post
4 min
Vulnerability Management
How to Increase Your Security Team's Visibility Within Your Organization—And What Happens When You Do
In this post, we’ll discuss how you can increase visibility and communication across the organization to improve your team’s reputation and resources.
Read Full Post
2 min
InsightVM
Reduce Risk with CyberArk and Rapid7 Integrations
There are a number of out-of-the-box integrations between CyberArk and Rapid7 that can help organizations both reduce risk and ease the burden on operations teams.
Read Full Post
5 min
Research
CVE-2020-12271: Sophos XG Firewall Pre-Auth SQL Injection Vulnerability Remediation Guidance and Exposure Overview
On April 22, Sophos received a report documenting a suspicious field value visible in the management interface of an XG Firewall.
Read Full Post
2 min
InsightVM
Nmap Service Detection for Nexpose and InsightVM Scan Engines
As of version 6.6.14 of Nexpose and InsightVM, the Scan Engine can now utilize Nmap service probes in addition to existing detection methods to improve the discovery of previously unsupported protocols and services.
Read Full Post
2 min
Vulnerability Management
Patch Tuesday - April 2020
Global working-from-home routines haven't slowed down Microsoft and its ability
to help close up vulnerabilities in their products. This April Patch Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Apr]
(WFH-edition), Microsoft has knocked 113 vulnerabilities out of the park. It's
not the highest we've seen, but it is still an impressive spread of fixes coming
in this month with a fair number resolving SharePoint and Office vulnerabilities
along with the
Read Full Post
2 min
Vulnerability Management
Answers to Three FAQs About the New-and-Improved Cloud Configuration Assessment Remediation Content in InsightVM
Security expert answers FAQs about the new-and-improved cloud configuration assessment remediation content in InsightVM
Read Full Post
7 min
Microsoft
Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)
As of March 24, there were over 350,000 Microsoft Exchange servers exposing a version of the software with a vulnerability.
Read Full Post
6 min
Vulnerability Management
4 Common Goals For Vulnerability Risk Management Programs
This post will give you a glimpse into the research to pinpoint under-served and unmet customer needs in the vulnerability risk management space.
Read Full Post
17 min
Vulnerability Disclosure
Dispelling Zoom Bugbears: What You Need to Know About the Latest Zoom Vulnerabilities
In this blog, we break down what you need to know about the recent Zoom security issues and its vulnerability remediation process.
Read Full Post
5 min
Vulnerability Management
How to Measurably Reduce False Positive Vulnerabilities by Up To 22%
Today, we discuss how to measurably reduce false positive vulnerabilities so you can reallocate your team's time and resources.
Read Full Post
2 min
Vulnerability Management
Rapid7 Named a March 2020 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment
The Rapid7 team is excited to announce that we have been recognized as a March 2020 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment.
Read Full Post
2 min
Vulnerability Management
Active Exploitation of Unpatched Windows Font Parsing Vulnerability
Rapid7 analysis and customer guidance for a pair of unpatched font parsing vulnerabilities in multiple versions of Microsoft Windows (ADV200006).
Read Full Post
4 min
Security Nation
Proactive Security Is the New Black: Lessons from the Trenches of Building a Security Product
On this week’s Security Nation, we spoke with Alex Kreilein, CISO for RapidDeploy, a back-end SaaS service for 911 and emergency communication systems.
Read Full Post
5 min
Vulnerability Management
Redefining How to Measure the Success of Your Vulnerability Management Program
In this post, we’ll discuss which vulnerability risk management metrics matter and which ones don’t, and how to communicate them effectively.
Read Full Post
4 min
Vulnerability Management
How to Understand the TCO and ROI of Your Vulnerability Management Program
In this blog, we discuss the total cost of ownership (TCO) compared to the potential return on investment (ROI) of your Vulnerability Management program.
Read Full Post
3 min
Vulnerability Risk Management
CVE-2020-0796: Microsoft SMBv3 Remote Code Execution Vulnerability Analysis
Rapid7 analysis and exposure data on CVE-2020-0796, a critical remote code execution vulnerability in Microsoft's SMBv3 protocol.
Read Full Post
2 min
Vulnerability Management
Patch Tuesday - March 2020
Let's start off talking about CVE-2020-0688
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688]
from last month -- the Microsoft Exchange Validation Key RCE vulnerability. At
the time it was published February 11, 2020, the vulnerability had not seen
active exploitation. As of March 9, 2020, there were increasing reports of
activity
[https://www.zdnet.com/article/multiple-nation-state-groups-are-hacking-microsoft-exchange-servers/]
happening on unpatched Exchange
Read Full Post
4 min
InsightVM
How to Improve Vulnerability Patching Efficiency through Automation
In this blog, we discuss how automation can improve your security team's patching efficiency.
Read Full Post
8 min
InsightVM
ServiceNow CMDB Asset Import Using the InsightVM Integration for ServiceNow CMDB
This is part two of our series covering the recently released InsightVM Integration for ServiceNow CMDB application available on the ServiceNow Platform.
Read Full Post
4 min
InsightAppSec
InsightVM + InsightAppSec: A Love Story
Today, we take a moment to appreciate how two of our products, InsightVM and InsightAppSec, work together to secure the entire tech stack for our customers.
Read Full Post
4 min
Cloud Security
How to Handle Misconfigurations in the Cloud
In part three of our four-part series on security in the cloud, we will cover how to handle misconfigurations in the cloud.
Read Full Post
3 min
Patch Tuesday
Patch Tuesday - February 2020
A relatively modest 99-vulnerability February Patch Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Feb]
has arrived with a fix for the Internet Explorer 0-day CVE-2020-0674
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0674]
(originally ADV200001
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200001])
announced back on January 17. Fortunately, that is the only vulnerability
reported this month th
Read Full Post
2 min
Vulnerability Management
Rapid7 Analysis and Guidance: CDPwn (CVE-2020-3118)
This blog focuses on CVE-2020-3118, which Rapid7 considers to be the most severe and important of the CDPwn vulnerability group.
Read Full Post
4 min
AWS
How to Identify, Prioritize and Remediate Vulnerabilities in the Cloud
In part two of our series on security in the cloud, we’ll discuss how to detect, prioritize, and remediate vulnerabilities that you find in your cloud environment.
Read Full Post
3 min
Vulnerability Management
How to Measure the ROI of Your Vulnerability Risk Management Solution
In this blog, we discuss the seven key criteria you should consider when picking and measuring the efficacy of a vulnerability management solution.
Read Full Post
3 min
Vulnerability Management
Vulnerability Management in the Cloud: Addressing the AWS Shared Responsibility Model
In this post, we’ll show you what you’re responsible for securing in the cloud, how vulnerability management differs in the cloud, and how to minimize risk.
Read Full Post
4 min
InsightVM
Driving Vulnerability Remediation Through Better Collaboration with Security, IT, and DevOps Teams
If you feel anxious about the time it takes to remediate vulnerabilities, you’re not alone. These worries are very common among security professionals.
Read Full Post
4 min
Research
Active Exploitation of Citrix NetScaler (CVE-2019-19781): What You Need to Know
A a directory traversal vulnerability was announced in the Citrix Application Discovery Controller and Citrix Gateway, which would allow a remote, unauthenticated user to write a file to a location on disk.
Read Full Post
10 min
Vulnerability Management
How to Get Started with the InsightVM Integration for ServiceNow CMDB
Rapid7 is excited to announce the release of a new ServiceNow Platform application for InsightVM with the ServiceNow CMDB.
Read Full Post
2 min
Vulnerability Management
Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601): What You Need to Know
In this blog, we discuss everything you need to know about the CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability.
Read Full Post
3 min
Vulnerability Management
Patch Tuesday - January 2020
The first Patch Tuesday of 2020 has been hotly anticipated due to a rumour
[https://twitter.com/wdormann/status/1216763957446422528] that Microsoft would
be fixing a severe vulnerability in a fundamental cryptographic library. It
turns out that the issue in question is indeed serious, and was reported to
Microsoft by the NSA: CVE-2020-0601
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601]
is a flaw in the way Windows validates Elliptic Curve Cryptography (ECC)
c
Read Full Post
4 min
InsightVM
How to Define and Communicate Vulnerability Risk Across Your Company
In this post, we discuss how to define risk, the differences between risks, threats, and vulnerabilities, and how to communicate this to leadership teams.
Read Full Post
4 min
InsightVM
Simplify Your Data Search with Query Builder in InsightVM
Query Builder is now available in InsightVM, which means gone are the days of relying solely on complex query languages like SQL or third-party tools.
Read Full Post
4 min
InsightVM
7 Vulnerability Risk Management Resolutions To Consider in the New Year
In this blog, we discuss seven Vulnerability Risk Management resolutions that all security professionals should be making in 2020.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - December 2019
Today we come to the end of 2019's monthly Microsoft Patch Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec]
(also known as Update Tuesday). This Christmas, Microsoft presents us with 36
vulnerabilities (that's two less than this time last year!) and no new
vulnerabilities from Adobe for Adobe Flash.
Unfortunately, despite a light month, there's still action to be taken.
CVE-2019-1458
[https://portal.msrc.microsoft.com/en-US/security-guidance/advis
Read Full Post
4 min
Vulnerability Management
How to Actually Reduce Risk in Your Environment
In this blog, we discuss how to actually reduce risk in your technology environment using a vulnerability risk management program.
Read Full Post
4 min
InsightVM
InsightVM Delivers 342% ROI through Clarity, Influence, and Progress
No matter the measure of success, InsightVM is built to give security professionals clarity, influence, and progress. Let’s dive into how.
Read Full Post
3 min
Public Policy
What Is Texas Senate Bill 820, and How Will It Affect Your School District?
In this post, we share how SB 820 will affect your school and district, and how you can respond by selecting a framework to improve your security program.
Read Full Post
5 min
Managed Security Service Providers
How to Develop a Common Language for Security Buy-In Across Your Business
In this blog, we break-down what keeps organizations from advancing their security programs, and how businesses can establish security priorities.
Read Full Post
3 min
Patch Tuesday
Patch Tuesday - November 2019
November's Patch Tuesday is upon us and, this month, Microsoft addressed 74
vulnerabilities of which one Internet Explorer vulnerability (CVE-2019-1429
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1429]
) has been seen under active exploitation. By prioritizing the released
Microsoft Windows and Internet Explorer patches, the door to 58 of the 74
vulnerabilities will be closed off. Also, for the second month in a row, this
Patch Tuesday sees an absent security upd
Read Full Post
4 min
InsightVM
The Anatomy of RDP Exploits: Lessons Learned from BlueKeep and DejaBlue
In this blog, we discuss lessons learned from RDP exploits such as BlueKeep and DejaBlue, and how organizations can be protected form future vulnerabilities.
Read Full Post
4 min
InsightVM
5 Steps to Go from Patch Management to Vulnerability Management
The terms “patch management” and “vulnerability management” are sometimes used interchangeably, but it is important to understand the difference.
Read Full Post
4 min
InsightVM
InsightVM vs. Managed Vulnerability Management: How to Choose Which Rapid7 Offering Is Right for You
In this blog, we explain our two vulnerability management offerings—InsightVM and our Managed Vulnerability Management Service—so you can make an informed decision about which is right for you.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - October 2019
This month's Patch Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/28ef0a64-489c-e911-a994-000d3a33c573]
is mainly notable in that there isn't a whole lot to note, which is a change of
pace. No 0-days, no vulnerabilities that had been publicly disclosed already,
and nothing that could allow worms to proliferate. And nothing from Adobe
[https://helpx.adobe.com/security.html]. Of course, that doesn't mean there's
nothing to do: Microsoft still published 59 CVE
Read Full Post
5 min
Project Sonar
Exim Vulnerability (CVE-2019-16928): Global Exposure Details and Remediation Advice
On Sept. 27, CVE-2019-16928 was promulgated, indicating all Exim versions 4.92–4.92.2 were vulnerable to a heap-based buffer overflow.
Read Full Post
5 min
Vulnerability Management
How DHS and MITRE Collaborate to Validate Vulns
In this week's podcast, we spoke with Katie Trimble of DHS and Chris Coffin of MITRE about their work with the CVE Project.
Read Full Post
3 min
InsightVM
Four Ways to Improve Automated Vulnerability Management Efficiency with SOAR
In this post, we’ll cover four ways to leverage security orchestration and automation (SOAR) to improve your vulnerability management program and save time in the process.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - September 2019
Today Microsoft released fixes
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/24f46f0a-489c-e911-a994-000d3a33c573]
for 79 separate security flaws, affecting products across much of their
portfolio. Two of these have been seen exploited in the wild: CVE-2019-1214
[https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1214]
and CVE-2019-1215
[https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1215]
are both privilege
Read Full Post
4 min
Vulnerability Management
CVE-2019-15846 Privileged Remote Code Execution Vulnerability in the Exim Mailer: What You Need to Know
On Sept. 6, the Exim development team released a patch for CVE-2019-15846, which fixed a privileged, unauthenticated RCE weakness in its popular internet email server software.
Read Full Post
4 min
InsightVM
How Rapid7 Industry Research Strengthens InsightVM
Rapid7’s vulnerability scanner, InsightVM is backed by multiple large-scale research projects that keep it on the leading edge of vulnerability risk management.
Read Full Post
5 min
Cloud Infrastructure
How to Set Up InsightVM in Your Google Cloud Environment
In this blog post, we’ll go over how to set up our vulnerability scanner, InsightVM in your Google Cloud and how to tweak it for your environment.
Read Full Post
7 min
Higher Education
Defining Cybersecurity Risk for Higher Education
Educational institutions and other organizations have similar cybersecurity risk profiles, but there are a few very specific areas that differ.
Read Full Post
7 min
Vulnerability Management
Summer Security Fundamentals Recap: What You Need to Know About Vulnerability Management
In this blog, we share with you key takeaways from our recent vulnerability management panel, along with tips for creating a successful VM program.
Read Full Post
8 min
AWS
Automating the Cloud: AWS Security Done Efficiently
Today, we are going to be installing software on all your existing EC2 instances across several (or all!) accounts under an organization in AWS.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - August 2019
First off, the big news for today's Patch Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/312890cc-3673-e911-a991-000d3a33a34d]
: Microsoft has fixed four new Remote Desktop Services (RDS) vulnerabilities,
reminiscent of the BlueKeep
[/2019/07/31/bluekeep-cve-2019-0708-for-windows-rdp-what-you-need-to-know/]
vulnerability (CVE-2019-0708
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708]
) that was patched last May. CVE-2019-11
Read Full Post
2 min
Vulnerability Management
August 2019 Microsoft Remote Desktop Services (RDP) Patches: What You Need to Know
A new set of vulnerabilities in RDP impact every modern version of Windows. Here's what you need to know.
Read Full Post
3 min
Vulnerability Management
BlueKeep Exploits May Be Coming: Our Observations and Recommendations
Rapid7 Labs has observed a significant uptick in malicious RDP activity since the release of CVE-2019-0708 (aka “BlueKeep”).
Read Full Post
3 min
InsightVM
Do You Have Containers in Your Environment? Using Container Discovery to Be Sure
In this post, we'll show you how you can use the container security features in InsightVM to find out whether you have containers you didn't know about.
Read Full Post
2 min
InsightVM
Ensuring Timely Remediation of Security Risks with Service-Level Agreements (SLAs) in InsightVM
Rapid7 makes it easy for you to set up and track service-level agreements (SLAs) in InsightVM.
Read Full Post
2 min
Research
[Research] Under the Hoodie, 2019 Edition: Lessons Learned from 180 Penetration Tests
Our 2019 Under the Hoodie report covers the measurable results of about 180 penetration tests conducted by Rapid7. Find out what we learned.
Read Full Post
9 min
Vulnerability Management
So, You Think You Can Query?
In this blog, we are going to explore the basics of how to make queries in our cloud-based vulnerability management solution, InsightVM.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - July 2019
Patch Tuesday for July 2019 is on the heavier side as far as they go, with
Microsoft fixing 77 vulnerabilities
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/48293f19-d662-e911-a98e-000d3a33c573]
in total. Microsoft also published an advisory
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190021]
describing a
cross-site scripting vulnerability in the on-premise edition of Outlook for web
(previously known as Outlook Web App), but instead of
Read Full Post
3 min
InsightVM
New Container Security Assessment Features Added to InsightVM
We are excited to release two new features to improve the flexibility of our container assessment capabilities: our new Container Registry Sync App and Container Image Scanner for InsightVM.
Read Full Post
2 min
InsightVM
How Rapid7’s AWS Security Hub Integrations Increase Cloud Visibility and Automate Security Operations
As part of our ongoing commitment to support customers using Amazon Web Services (AWS), Rapid7 announces integrations with the AWS Security Hub for vulnerability management and SOAR solutions.
Read Full Post
3 min
InsightVM
Rapid7 Releases Cloud Configuration Assessment Capabilities in InsightVM
Rapid7 is pleased to announce that we have released new Cloud Configuration Assessment capabilities in our InsightVM vulnerability management solution.
Read Full Post
3 min
InsightVM
Blocking User Access to Vulnerable Assets with CyberArk and InsightVM
With InsightVM's new integration with the CyberArk Privileged Access Security Solution, user access to vulnerable assets can be automatically restricted until the issue is eliminated.
Read Full Post
3 min
InsightVM
Attack Surface Monitoring with Project Sonar
Attack Surface Monitoring with Project Sonar can help you reduce and monitor your attack surface.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - June 2019
Nearing the halfway point of 2019, today's Patch Tuesday sees Microsoft fix 88
vulnerabilities
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/253dc509-9a5b-e911-a98e-000d3a33c573]
, the highest count so far this year. Nothing this month seems "wormable" like
the BlueKeep [https://www.rapid7.com/db/?q=CVE-2019-0708] vulnerability patched
in May, and none of them have been seen exploited in the wild. However, four
elevation of privilege vulnerabilities had been previo
Read Full Post
3 min
Windows
Microsoft Windows RDP Network Level Authentication Bypass (CVE-2019-9510): What You Need to Know
CERT/CC has released an advisory regarding discovered behavior in the Microsoft Windows Remote Desktop Protocol (RDP), which can allow an attacker to bypass the lock screen on some remote sessions.
Read Full Post
3 min
Vulnerability Management
Why Patch Management Is Crucial for Securing Your Organization
With the deluge of assets flooding corporate networks, organizations need to have a solid patch management strategy in place.
Read Full Post
3 min
Vulnerability Management
How SOAR Is Disrupting Traditional Vulnerability Management
In a recent episode of Whiteboard Wednesday, we dive into how security orchestration, automation, and response (SOAR) is changing traditional vulnerability management.
Read Full Post
3 min
Patch Tuesday
Patch Tuesday - May 2019
Hot on the heels of several Apple security advisories
[https://support.apple.com/en-us/HT201222] on Monday, May's Patch Tuesday sees
Microsoft fix nearly 80 vulnerabilities
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/e5989c8b-7046-e911-a98e-000d3a33a34d]
across their product line, some of them very serious indeed, and Adobe address
over 80 in Acrobat Reader
[https://helpx.adobe.com/security/products/acrobat/apsb19-18.html] alone. A fix
for a critical remote cod
Read Full Post
9 min
Medical
Medical Device Security, Part 3: Putting Safe Scanning into Practice
In this blog post, we put the theory we've built out in our medical device scanning series into practice.
Read Full Post
7 min
Medical
Medical Device Security, Part 2: How to Give Medical Devices a Security Checkup
In part two of our series, we get into the weeds of medical device scanning and examine how to directly perform assessments on medical devices.
Read Full Post
1 min
Vulnerability Disclosure
WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2019-2725): What You Need to Know
Oracle has released an out-of-band security advisory and set of patches for Oracle WebLogic Server versions 10.3.6.0 and 12.1.3.0.
Read Full Post
8 min
Medical
Medical Device Security, Part 1: How to Scan Devices Without Letting Safety Flatline
When scanning medical devices, it's important to manage risk, be intentional and tread lightly, and never scan computers that are plugged into people.
Read Full Post
1 min
Research
Confluence Unauthorized RCE Vulnerability (CVE-2019-3396): What You Need to Know
Atlassian was notified in late February about a remote code execution (RCE) flaw in their Confluence and Data Center products and issued an alert with a patch on March 20, 2019.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - April 2019
Today's Microsoft updates
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/18306ed5-1019-e911-a98b-000d3a33a34d]
resolve over 70 vulnerabilities, most of which affect the Windows operating
system itself. Two of the vulnerabilities are already being exploited in the
wild. Both CVE-2019-0803
[https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0803]
and CVE-2019-0859
[https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0
Read Full Post
3 min
InsightVM
Security Operations at Its Finest: Meet the InsightVM and ServiceNow Integration
Rapid7's integration between InsightVM and ServiceNow Security Operations can help your organization streamline their operations to remediate vulnerabilities faster.
Read Full Post
1 min
InsightVM
Rapid7 Named a March 2019 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment
The Rapid7 team is excited to announce that we have been recognized as a March 2019 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment.
Read Full Post
3 min
Patch Tuesday
Patch Tuesday - March 2019
Today Microsoft released updates
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/ac45e477-1019-e911-a98b-000d3a33a34d]
that resolve over 60 different vulnerabilities. As usual, Windows, web browsers,
and SharePoint Server are all affected. Office gets off relatively lightly with
only a single vulnerability fixed (CVE-2019-0748
[https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0748]
, a remote code execution (RCE) vulnerability in the Acces
Read Full Post
3 min
Vulnerability Disclosure
R7-2019-01: CircuitWerkes Sicon-8 Client-Side Authentication Read-Only Bypass (CVE-2019-5616)
The Sicon-8 ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user’s web browser.
Read Full Post
7 min
Vulnerability Management
Customer Perspective: How InsightVM Helps Organizations Solve Common Vulnerability Management Challenges
In this blog, Brett Droche of Amedisys explains how Rapid7's InsightVM can mitigate or completely solve common vulnerability management challenges.
Read Full Post
3 min
InsightVM
Implementing Credential Hygiene with CyberArk and InsightVM
Effectively assess your assets with a scan engine while keeping your credentials safe with the integration between CyberArk and InsightVM and Nexpose.
Read Full Post
2 min
Research
Cisco® RV110/RV130/RV215 Unauthenticated Configuration Export Vulnerability (CVE-2019-1663): What You Need to Know
This week, Cisco® released an advisory and patch for a remote code execution flaw in small-business routers used for wireless connectivity in small offices and home offices.
Read Full Post
3 min
Vulnerability Management
Why Most Vulnerability Management Programs Fail and What You Can Do About It
In our latest webcast, we explain why most vulnerability management programs fail and what you can do to avoid the same fate.
Read Full Post
4 min
Vulnerability Management
Checkmate! How to Win at Vulnerability Management Using the Game of Chess
Because the mindset you use to win at chess is the same one you should strive for as an information security professional, you can learn a lot by examining its rules, players, and strategy.
Read Full Post
3 min
Vulnerability Management
Drupal Core Remote Code Execution (CVE-2019-6340): What You Need to Know
On Wednesday, Feb. 20, 2019, the Drupal Core team provided an early-warning update for the third Drupal Core Security Alert of 2019, which has been assigned CVE-2019-6340.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - February 2019
Microsoft got back in the swing of things today after a couple of relatively
light months, with over 70 separate CVEs
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/51503ac5-e6d2-e811-a983-000d3a33c573]
being addressed.
The usual suspects got patches, including Windows, Office, Browsers (including
Adobe Flash
[https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190003]),
.NET Framework, SharePoint, Exchange, and another slew of JET Database Engi
Read Full Post
4 min
Customer Perspective
Automation in Action: How Carnegie Mellon University Combats Vulnerabilities Using Nexpose
We recently spoke with Brian W. Gray, Information Security Engineer for Carnegie Mellon University, about how he manages vulnerabilities with Rapid7's vulnerability assessment solution, Nexpose.
Read Full Post
8 min
Vulnerability Management
Understanding Ubiquiti Discovery Service Exposures
On Jan. 29, the Rapid7 Labs team was informed of a tweet by Jim Troutman indicating that Ubiquiti devices were being exploited and used to conduct denial-of-service attacks using a service on 10001/UDP.
Read Full Post
4 min
InsightVM
Did You Remediate That? How to Integrate Vulnerability Remediation Projects with Your IT Infrastructure
Remediation projects in InsightVM enable you to follow a vulnerability remediation task from beginning to end by leveraging automation-assisted patching.
Read Full Post
3 min
Research
Cisco RV320/RV325 Router Unauthenticated Configuration Export Vulnerability (CVE-2019-1653): What You Need to Know
Last week, a critical configuration weakness in Cisco® routers was responsibly disclosed on the Full Disclosure mailing list. Here's what you need to know.
Read Full Post
2 min
Vulnerability Management
What WannaCry Taught Me About the Benefits of Agents in VM Programs
In the wake of the WannaCry attack, my security team and I learned firsthand why having an agent-based vulnerability management strategy could have helped.
Read Full Post
3 min
Vulnerability Management
How AWS and InsightVM Can Help You Securely Move to the Cloud
No one can deny that cloud adoption is increasing at a fast rate. Though moving
to the cloud offers many advantages—such as speed of development, cost savings,
and reduced overhead—one of the implications of adoption is that customers must
change the way they approach security to adapt to hybrid and fully cloud
infrastructure [https://www.rapid7.com/info/secure-your-modern-it-environment].
As this happens, security practitioners have to consider how to use their
current on-premises tools in bot
Read Full Post
3 min
Vulnerability Management
Rapid7 Industry Cyber-Exposure Report Highlights the Need for Vulnerability Management
In our recently released Industry Cyber-Exposure Report: Fortune 500, we uncovered that companies across all industries in the U.S. Fortune 500 are showing signs of recurring compromise.
Read Full Post
2 min
InsightVM
Did You Remediate That? Take Control of Risk by Knowing Your Top 25 Vulnerabilities
InsightVM's Top 25 report is a great place to start when you want to take control of your overall vulnerability management program.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - January 2019
Microsoft's first updates of the year
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/b4384b95-e6d2-e811-a983-000d3a33c573]
address 49 separate vulnerabilities, which is on the low side relatively
speaking. We're also getting rare respite from Flash vulnerabilities (although
Adobe published
[https://helpx.adobe.com/security/products/flash-player/apsb19-01.html] a
"security bulletin" for Flash today, the new version does not actually contain
any security fixes). It's
Read Full Post
5 min
InsightVM
Head in the Clouds: Data Warehousing in the Google Cloud
This blog discusses how to leverage InsightVM's Data Warehousing functionality to export scan data to a managed Cloud SQL instance in the Google Cloud Platform.
Read Full Post
3 min
InsightVM
Did You Remediate That? How to Use the InsightVM Policy Compliance Status Report to Measure Benchmark Configurations
Reports within InsightVM can help you demonstrate whether your systems stand up against compliance requirements.
Read Full Post
3 min
AWS
Rapid7 Partners with AWS Security Hub for Deeper Vulnerability Reporting
Last month, we were thrilled to announce our integration with AWS Security Hub at AWS re:Invent.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - December 2018
It's the last Patch Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/6c54acc6-2ed2-e811-a980-000d3a33a34d]
of 2018! As is often the case in December, it's a relatively light one with
"only" 38 CVEs. (Every other month in 2018 clocked in with at least 50 patched
vulnerabilities.) This is in addition to the two Adobe Flash CVEs
[http://helpx.adobe.com/security/products/flash-player/apsb18-42.html] that were
patched out-of-band last week, due to a remote code ex
Read Full Post
5 min
InsightVM
Did You Remediate That? New InsightVM Executive Report Provides Key Details on Team Progress
We have developed the InsightVM Executive Report so that companies can easily report on month-over-month trends in their vulnerability management programs.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - November 2018
Microsoft's patches this month
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/ff746aa5-06a0-e811-a978-000d3a33c573]
address over 60 vulnerabilities. Just like last month
[https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8453]
, another zero-day privilege escalation vulnerability in Win32k has been
patched. CVE-2018-8589
[https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8589]
has been seen exploited in the wild,
Read Full Post
2 min
Awards
Rapid7 Wins Frost & Sullivan 2018 Global Vulnerability Management Market Leadership Award
We’re thrilled to announce that Rapid7 InsightVM was selected as the market leader in vulnerability management by Frost & Sullivan.
Read Full Post
2 min
Whiteboard Wednesday
Whiteboard Wednesday: Common Vulnerabilities as Personified by Halloween Costumes
As a security professional, you don’t need a haunted house to feel spooked this Halloween—just start exploring your environment in search of vulnerabilities.
Read Full Post
4 min
Vulnerability Management
How to Use InsightVM’s Goals & SLAs Feature to Define Important Metrics and Optimize Your Security Operations
Rapid7 InsightVM’s new Goals & SLAs feature helps security teams define relevant and meaningful metrics so they’re able to set goals against them, track individual and team progress, and receive alerts when goals are achieved or missed.
Read Full Post
3 min
Incident Detection
Rapid7 Leads All 'Strong Performers' in 2018 Forrester Wave for Emerging MSSPs
We’re proud to be recognized in the Forrester Wave as the leader in the “Strong Performer” category and to score second highest overall current offering for our Managed Security Services.
Read Full Post
5 min
InsightVM
Quantifying Vulnerability Risk: How to Quickly Calculate and Prioritize Risk
Here is a first-hand look at how we quantify the Real Risk Score and how this helps practitioners address the top vulnerabilities in their ecosystems.
Read Full Post
3 min
Vulnerability Management
Take a Bite out of the Vulnerability Remediation Backlog with InsightVM
Security teams dealing with expanding networks and increasingly sophisticated attacks can use InsightVM to help stay on top of their vulnerability backlog.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - October 2018
This month's patches from Microsoft include fixes for 50 distinct vulnerabilities.
Read Full Post
4 min
InsightVM
Automate to Accelerate: Introducing Security Orchestration and Automation on the Rapid7 Insight Platform
Rapid7 is proud to officially announce orchestration and automation on our Insight platform, with automation taking shape in a number of existing products and our new SOAR offering, Rapid7 InsightConnect.
Read Full Post
4 min
Penetration Testing
How to Identify and Prioritize Gaps with the Cybersecurity Maturity Assessment, Post-2018 'Under the Hoodie'
At Rapid7, we believe that cybersecurity within a company is not just a function with many stakeholders, but rather a shared responsibility among all employees, regardless of role.
Read Full Post
3 min
Patch Tuesday
Patch Tuesday - September 2018
More than 60 vulnerabilities were addressed by this month's patches, including CVE-2018-15967 (a privilege escalation/information disclosure vulnerability in Adobe Flash Player).
Read Full Post
3 min
InsightAppSec
Scan Management with InsightAppSec: There’s More to Application Security than Long Lists of Vulnerabilities
Knowing what you are scanning, how often, and with how much success is vital to knowing your vulnerability data is accurate, up-to-date, and reflects your security position. InsightAppSec can help.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - August 2018
Microsoft's updates this month
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/ecb26425-583f-e811-a96f-000d3a33c573]
address over 60 vulnerabilities, 20 of which are classified as Critical. As
usual, most of this month's fixes are browser-related, and nearly half of the
flaws could lead to remote code execution (RCE). Patches for Exchange, SQL
Server, and Microsoft Office were also released.
Two of this month's vulnerabilities have already been seen exploited in th
Read Full Post
7 min
API
Your Guide to InsightVM’s RESTful API
A Security Automation-Focused API for Forward-Thinking Vulnerability Management
Released in January of 2018, Rapid7 InsightVM
[https://www.rapid7.com/products/insightvm/]’s API version 3—the RESTful API
[/2018/01/18/a-restful-api-for-insightvm/]—was a highly anticipated, perhaps
somewhat inconspicuous, addition to our vulnerability management solution
[https://www.rapid7.com/solutions/vulnerability-management/]. Introduced as a
successor to previous API versions, the RESTful API was designed for
Read Full Post
3 min
Azure
Azure Security Center and Active Directory Now Integrate with the Rapid7 Platform
Today, we announced
[https://www.rapid7.com/about/press-releases/rapid7-integrates-with-microsoft-azure/]
continued, more comprehensive development of the integration between the Rapid7
Insight platform [https://www.rapid7.com/products/insight-platform/] and
Microsoft Azure.
A new integration with Azure Security Center makes it easy to deploy the Rapid7
unified Insight Agent across new and existing Azure Virtual Machines. This
automated deployment enables InsightVM customers to maintain consta
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - July 2018
This month's security updates
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/1c26eff2-573f-e811-a96f-000d3a33c573]
from Microsoft address 50 separate vulnerabilities, including two fixes
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180017]
for Adobe Flash Player (APSB18-24
[https://helpx.adobe.com/security/products/flash-player/apsb18-24.html]). There
are no 0-days this month, although three vulnerabilities had been publicly
disclosed pri
Read Full Post
4 min
Customer Perspective
Why Bow Valley College Gives Rapid7 InsightVM High Marks for Vulnerability Management
Bow Valley College uses InsightVM dashboards to identify quick wins, measure
success, and communicate to senior leadership. James Cairns, database
administrator at Bow Valley College, gave us a look into their vulnerability
management journey with Rapid7.
It’s my job to assess vulnerabilities, facilitate patching, and work with the
rest of my infrastructure team to optimize our resources in order to stay on top
of security issues. As the database administrator for Bow Valley College in
Calgary,
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - June 2018
This month's Patch Tuesday
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/7d4489d6-573f-e811-a96f-000d3a33c573]
is rather run-of-the-mill, with a total of 50 vulnerabilities being addressed by
Microsoft. However, a bit of excitement came earlier this month, with an
out-of-band patch for Adobe Flash Player released last Thursday
[https://helpx.adobe.com/security/products/flash-player/apsb18-19.html] to fix
four security issues. Two of these were flaws that can lead
Read Full Post
4 min
Project Sonar
VPNFilter's Potential Reach — Malware Exposure in SMB/Consumer-grade Devices
(Many thanks to Rebekah Brown [/author/rebekah-brown/] & Derek Abdine for their
contributions to the post.)
How does VPNFilter work?
Over the past few weeks, Cisco’s Talos
[https://www.cisco.com/c/en/us/products/security/talos.html] group has published
some significant new research
[https://blog.talosintelligence.com/2018/06/vpnfilter-update.html] on a new
malware family called VPNFilter. VPNFilter targets and compromises networking
devices to monitor the traffic that goes through them. The mal
Read Full Post
4 min
InsightVM
How to Streamline Your Vulnerability Remediation Workflows with InsightVM Projects
If you’re like many security practitioners, you spend a lot of time working with
spreadsheets. Whether you’re trying to prioritize your findings or distribute
work to remediation teams, an all-too-common workflow is to export this data
into a spreadsheet to then be sorted, filtered, copied, and distributed.
This tedious, manual effort seems to be the standard for vulnerability
management programs [https://www.rapid7.com/solutions/vulnerability-management/]
everywhere, but with our vulnerabil
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - May 2018
Microsoft has released patches
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/a82328f9-1f26-e811-a968-000d3a33a34d]
that resolve over 60 separate vulnerabilities including an update
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180008]
for Flash Player that addresses a critical Remote Code Execution (RCE)
vulnerability (CVE-2018-4944
[https://helpx.adobe.com/security/products/flash-player/apsb18-16.html]). As
usual, the majority of fixes a
Read Full Post
4 min
Vulnerability Management
3 Steps to Clear the Fog: Improving Vulnerability Remediation Visibility with InsightVM
The moment you send a vulnerability report to your IT team, you want assurance
that it’s being worked on—especially if there are critical vulnerabilities. You
also want to be sure issues are prioritized in the right way so that deadlines
are met. Often, however, this is not the reality. With different processes and
tools in place, it’s difficult to align security and IT teams for effective
vulnerability remediation
[https://www.rapid7.com/products/insightvm/use-cases/work-better-with-it-and-devo
Read Full Post
4 min
Vulnerability Management
CVE 100K: A Big, Round Number
There have been 100,000 CVEs published. That's a big, round number.
Read Full Post
6 min
Vulnerability Management
CVE 100K: By The Numbers
There have been 100,000 CVEs published. Here are some stats on the program so far.
Read Full Post
5 min
Vulnerability Management
Drupalgeddon Vulnerability: What is it? Are You Impacted?
First up: many thanks to Brent Cook [/author/brent-cook/], William Vu
[/author/william-vu/] and Matt Hand for their massive assistance in both the
Rapid7 research into “Drupalgeddon” and their contributions to this post.
Background on the Drupalgeddon vulnerability
The Drupalgeddon 2 vulnerability announcement came out in late March (2018-03-28
) as SA-CORE-2018-002 [https://www.drupal.org/sa-core-2018-002]. The advisory
was released with a patch and CVE (CVE-2018-7600)
[https://www.rapid7.com/
Read Full Post
2 min
InsightVM
Rapid7 InsightVM Named Best Vulnerability Management Solution by SC Magazine
SC Media has announced the 2018 SC Awards and (drumroll, please…)
InsightVM [https://www.rapid7.com/products/insightvm/] is proud to take top
honors as Best Vulnerability Management Solution in the Trust Awards category.
Our team works tirelessly day in and day out to bring SecOps best practices
[https://www.rapid7.com/solutions/secops/] to our customers, help our customers
secure their modern networks, and work across teams to solve their trickiest
problems. It means the world to us when th
Read Full Post
5 min
Vulnerability Management
How to Remediate Vulnerabilities Across Multiple Offices
Your vulnerability scanner [https://www.rapid7.com/products/insightvm/] embarks
on its weekly scan. The report comes in, you fire it off to your IT team across
the country and...silence. Thinking they’re on it, you go on with your day,
until next week’s scan report comes in and you find out that not everything was
fixed and issues have progressed.
For companies with distributed offices, it can be tricky to communicate issues
to teammates you have limited facetime with, get things done quickly w
Read Full Post
3 min
Patch Tuesday
Patch Tuesday - April 2018
Over 70 vulnerabilities have been fixed this month
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/abf77563-8612-e811-a966-000d3a33a34d]
, including 6 in Adobe Flash
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180007] (
APSB18-08
[https://helpx.adobe.com/security/products/flash-player/apsb18-08.html]).
At a high level, there's nothing too out of the ordinary. Unfortunately, that
means the majority of the patched vulnerabilities are once ag
Read Full Post
3 min
InsightVM
Where the sidewalk ends, extend!
Back in the day, I had the pleasure of working in an environment that made heavy
use of mainframes. These hulking beasts of yesteryear were workhorses, toting
VSAM files hither and thither. One of the treats of the day was the abend. For
the uninitiated, IEEE [http://ieeexplore.ieee.org/document/5733835/] defines
abend as the “Termination of a process prior to completion.” The mere utterance
of the portmanteau [https://en.wikipedia.org/wiki/Portmanteau] abend meant we
had a crisis on our hands.
Read Full Post
3 min
Vulnerability Management
Cisco Smart Install (SMI) Remote Code Execution: What You Need To Know
What’s Up?
Researchers from Embedi discovered
[https://embedi.com/blog/cisco-smart-install-remote-code-execution/] (and
responsibly disclosed) a stack-based buffer overflow weakness in Cisco Smart
Install Client code which causes the devices to be susceptible to arbitrary
remote code execution without authentication.
Cisco Smart Install (SMI) is a “plug-and-play” configuration and
image-management feature that provides zero-touch deployment for new (typically
access layer) switches. The feature
Read Full Post
3 min
Vulnerability Management
Rapid7 Named a Leader in Forrester Wave for Vulnerability Risk Management
Today, we’re excited to announce a major milestone for InsightVM
[https://www.rapid7.com/products/insightvm/]: Recognition as a Leader in The
Forrester Wave™: Vulnerability Risk Management, Q1 2018, earning top scores in
both the Current Offering and Strategy categories. We are proud of the
achievement not only because of years of hard work from our product team, but
also because we believe that it represents the thousands of days and nights
spent working with customers to understand the challen
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - March 2018
There are a lot of fixes this month
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/6c8fa125-28f6-e711-a963-000d3a33a34d]
: Microsoft's updates include patches for 76 separate vulnerabilities, including
two critical Adobe Flash Player remote code execution (RCE) vulnerabilities
[https://helpx.adobe.com/security/products/flash-player/apsb18-05.html].
In fact all of this month's critical vulnerabilities are browser-related. This
is not surprising considering web brows
Read Full Post
4 min
Research
An Impressively Unprecedented Drop in Open memcached Services
(Many thanks to Jon Hart [https://twitter.com/jhartftw] and Tom Sellers
[https://twitter.com/TomSellers] for their research and content for this blog
post.)
We started performing weekly monitoring of open/amplification-vulnerable
memcached servers after the recent memcrashed
[/2018/02/27/the-flip-side-of-memcrashed/] amplification distributed
denial-of-service (DDoS) attack and today we have some truly awesome news to
report, along with some evidence that the recent spate of DDoS attacks may n
Read Full Post
4 min
CIS Controls
CIS Critical Control 9: Limitation and Control of Ports, Protocols, and Services
This is a continuation of our CIS Critical Control Series blog series. Need help
addressing these controls? See why SANS listed Rapid7 as the top solution
provider addressing the CIS top 20 controls
[https://www.rapid7.com/solutions/compliance/critical-controls/].
If you’ve ever driven on a major metropolitan highway system, you’ve seen it:
The flow of traffic is completely engineered. Routes are optimized to allow
travelers to reach their destinations as quickly as possible. Traffic laws
speci
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - February 2018
It's a run-of-the-mill month as far as Patch Tuesdays go. Even so, 50 individual
CVEs have been fixed
[https://helpx.adobe.com/security/products/acrobat/apsb18-02.html] by Microsoft,
most of which (34) are rated "Important". As usual, most of the 14 considered
"Critical" are web browser vulnerabilities that could lead to remote code
execution (RCE). The most concerning non-browser issue is CVE-2018-0825
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0825]
, an RCE i
Read Full Post
3 min
InsightVM
Vulnerability Management Year in Review, Part 3: Remediate
The wide impact
[https://www.wired.com/story/petya-ransomware-outbreak-eternal-blue/] of the
Petya-like ransomware [/2017/06/27/petya-ransomware-explained/] in 2017, mere
weeks after WannaCry [/2017/05/12/wanna-decryptor-wncry-ransomware-explained/]
exploited many of the same vulnerabilities, illustrated the challenge that
enterprises have with remediating even major headline-grabbing vulnerabilities,
let alone the many vulnerabilities that don’t get news coverage. To this end,
Rapid7’s vulner
Read Full Post
3 min
InsightVM
Incorporating Automated Actions Into Your Vulnerability Management Process
In today’s security climate, we all want to know that our data is as current as
possible. Often, customers will increase their vulnerability scanning
[https://www.rapid7.com/fundamentals/vulnerability-management-and-scanning/]
frequency to weekly or even daily to meet the needs of an ever-changing
environment. However, this requires a lot of resources and generates tons of
data while making it difficult to identify only what has changed.
This is exactly why we developed automated actions withi
Read Full Post
4 min
InsightVM
A RESTful API for InsightVM
With 2017 firmly in the rear-view mirror, we peer forward into 2018 and thanks
to genre-bending vulnerabilities like Meltdown and Spectre
[/2018/01/04/meltdown-and-spectre-what-you-need-to-know-cve-2017-5715-cve-2017-5753-cve-2017-5754/]
the future would seem a bit blurry. Louis Pasteur
[https://en.wikiquote.org/wiki/Louis_Pasteur] is attributed with the quote:
“Chance favors the prepared mind.” Pasteur’s work precedes information security
as we know it today by a century, but as an an individu
Read Full Post
3 min
InsightAppSec
3 Questions to Ask When Prioritizing Web Application Vulnerabilities
Dynamic application security testing (DAST) often results in a constantly
evolving list of security vulnerabilities. When scanning a web application
[https://www.rapid7.com/fundamentals/web-application-security/] in production or
in an active testing environment, issues can crop up as quickly as changes
happen within the app. And when exposed to the internet itself, there are many
more ways in which security vulnerabilities
[https://www.rapid7.com/fundamentals/vulnerabilities-exploits-threats/]
Read Full Post
4 min
InsightAppSec
The 4 Big Differences Between Network Security and Web Application Security
Tomato, tomato, potato, potato, network security and web application security
[https://www.rapid7.com/solutions/application-security/]. Two things that may
seem similar, they are actually quite different. Network security (also known as
vulnerability assessment or vulnerability management
[https://www.rapid7.com/solutions/vulnerability-management/]) has been around
for quite some time and is something most security practitioners today know
well. Web application security, however, is still not wi
Read Full Post
3 min
Patch Tuesday
Patch Tuesday - January 2018
The first Microsoft patches of 2018 came early, with new updates released late
Wednesday, January 3rd. Although this was due to the (somewhat
[https://www.freebsd.org/news/newsflash.html#event20180104:01]) coordinated
disclosure of the Meltdown and Spectre
[/2018/01/04/meltdown-and-spectre-what-you-need-to-know-cve-2017-5715-cve-2017-5753-cve-2017-5754/]
vulnerabilities, last week’s updates also contained fixes for 33 additional
CVEs. These days, Microsoft releases their OS updates as monolithi
Read Full Post
2 min
InsightVM
Vulnerability Management: A Year in Review - Prioritize
2017 has already broken the record
[https://www.darkreading.com/threat-intelligence/2017-has-broken-the-record-for-security-vulnerabilities/d/d-id/1330410?]
for the most number of vulnerabilities reported. With more software being
produced and more researchers focused on finding vulnerabilities, this trend
will probably continue. Understanding where to focus and which vulnerabilities
to fix first is more important than ever. That’s why this year we delivered
several innovations within our vulne
Read Full Post
4 min
Vulnerability Management
Meltdown and Spectre: What you need to know (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
After waking up from a long winter’s nap, you may have heard the lamentations
about the “Intel Kernel Leak” vulnerability, or the “Kernel Speculative
Execution” vulnerability, or, now, the “Meltdown and Spectre” vulnerabilities.
This is a quick post to let you know just how freaked out, or not, you should
be.
What’s the problem?
On January 3rd, 2018, there were rumors flying around about a vulnerability that
affects pretty much all modern Intel processors (which turns out to be nearly
all proce
Read Full Post
3 min
InsightVM
Vulnerability Management Year in Review, Part 1: Collect
Sometimes, it seems change is the only permanent thing in information security. To help deal with change on your terms, we set out to help maintain visibility to your environment as it is presented to you. How? By efficiently collecting vulnerability data at scale.
Read Full Post
6 min
Haxmas
HaXmas Review: A Year of Patch Tuesdays
Today’s installment of the 12 Days of HaXmas [/tag/haxmas] is about 2017’s 12
months of Patch Tuesdays [/tag/patch-tuesday/]. Never mind that there were only
eleven months this year, thanks to Microsoft canceling
[https://blogs.technet.microsoft.com/msrc/2017/02/14/february-2017-security-update-release/]
most of February’s planned fixes. This coincided with when they’d planned to
[https://blogs.technet.microsoft.com/msrc/2016/11/08/furthering-our-commitment-to-security-updates/]
roll out their
Read Full Post
4 min
GDPR
Creating a Risk-Based Vulnerability Management Program for GDPR with InsightVM
The General Data Protection Regulation’s (GDPR)
[https://www.rapid7.com/solutions/compliance/gdpr/] deadline in 2018 is rapidly
approaching, and as companies prepare for GDPR compliance
[/2017/02/23/preparing-for-gdpr/], they’re facing a struggle that’s plagued
every security program for years: how to quantify that nebulous, scary thing
called “risk.” GDPR compliance [https://www.rapid7.com/fundamentals/gdpr/]
specifically talks about “risk” several times in its guidelines, particularly in
Arti
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - December 2017
No big surprises from Microsoft this month
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/c383fa60-b852-e711-80dd-000d3a32f9b6]
, with 70% of the 34 vulnerabilities addressed being web browser defects. Most
of these are Critical Remote Code Execution (RCE) vulnerabilities, so
administrators should prioritize patching client workstations. It doesn't take
sophisticated social engineering tactics to convince most users to visit a
malicious web page, or a legitimate but
Read Full Post
1 min
Vulnerability Management
CVE-2017-10151: What You Need to Know About the Oracle Identity Manager Vulnerability
I have Oracle Identity Manager running in my environment. What's going on? Am I
vulnerable?
Recently, we’ve been getting more than a few questions about the Oracle
Identity
Manager vulnerability (CVE-2017-10151)
[https://www.rapid7.com/db/vulnerabilities/oracle-oim-cve-2017-10151], which was
rated by Oracle with the most critical CVSS score of 10
[https://nvd.nist.gov/vuln/detail/CVE-2017-10151]. This is the highest possible
CVSS score, which represents a vulnerability with a low complexity for
Read Full Post
5 min
Vulnerability Management
INTEL-SA-00086 Security Bulletin for Intel Management Engine (ME) and Advanced Management Technology (AMT) Vulnerabilities: What You Need To Know
INTEL-SA-00086 vulnerabilities? What’s Up?
(Full update log at the end of the post as we make changes.)
Intel decided to talk turkey
[https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr]
this week about a cornucopia of vulnerabilities that external (i.e. non-Intel)
researchers — Mark Ermolov and Maxim Goryachy from Positive Technologies
Research — discovered in their chips. Yes: chips. Intel conducted a
comprehensive review of their Intel® Management Engine
Read Full Post
4 min
Vulnerability Management
The Oracle (PeopleSoft/Tuxedo) JoltandBleed Vulnerabilities: What You Need To Know
JoltandBleed vulnerabilities? What’s Up?
Oracle recently issued emergency patches for five vulnerabilities:
* CVE-2017-10272 is a vulnerability of memory disclosure; its exploitation
gives an attacker a chance to remotely read the memory of the server.
* CVE-2017-10267 is a vulnerability of stack overflows.
* CVE-2017-10278 is a vulnerability of heap overflows.
* CVE-2017-10266 is a vulnerability that makes it possible for a malicious
actor to bruteforce passwords of DomainPWD which i
Read Full Post
1 min
Patch Tuesday
Patch Tuesday - November 2017
Web browser issues account for two thirds of this month's patched
vulnerabilities
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/bae9d0d8-e497-e711-80e5-000d3a32fc99]
, with 24 CVEs for Edge and 12 for Internet Explorer being fixed. Many of these
are classified as Critical (allowing code execution without user interaction).
This is no surprise, as browser bugs are typically well represented on Patch
Tuesdays. On top of this are five Adobe Flash Player vulnerabilitie
Read Full Post
4 min
Incident Detection
Changing the Corporate Network Attacker’s Risk-Reward Paradigm
Defending a corporate network is hard, while attacking one is all too easy. We break down the risk/reward ratio for corporate attackers and what we can do to change it.
Read Full Post
6 min
Metasploit
Testing SMB Security with Metasploit Pro Task Chains: Part 2
This is part two of our blog series on testing SMB security with Metasploit Pro.
In the previous post, we explained how to use Metasploit Pro’s Task Chains
feature to audit SMB passwords automatically. Read it here
[/2017/10/31/testing-smb-server-security-with-metasploit-pro-task-chains-part-1/]
if you haven’t already.
In today’s blog post, we will talk about how to use a custom resource script in
a Task Chain to automatically find some publicly-known high-profile
vulnerabilities in SMB. Publi
Read Full Post
3 min
IoT
ROCA: Vulnerable RSA Key Generation
In the KRACK-related
[/2017/10/16/the-wi-fi-krack-vulnerability-what-you-need-to-know/] and
BadRabbit-related
[/2017/10/24/the-badrabbit-ransomware-attack-what-you-need-to-know/] chaos of
the past week and a half, some people missed a less flashy vulnerability that
nevertheless dug up key long-term questions on IoT supply chains and embedded
technology. The Czech-based Center for Research on Cryptography and Security
published research last week [https://crocs.fi.muni.cz/public/papers/rsa_ccs1
Read Full Post
6 min
Vulnerability Management
The Wi-Fi KRACK Vulnerability: What You Need to Know
Everything you need to know about the recently disclosed KRACK vulnerability affecting Wi-Fi security protocols (WPA1 and WPA2).
Read Full Post
3 min
InsightVM
InsightVM in the Azure Marketplace
Step-by-step guide to using InsightVM to scan your assets in Microsoft's cloud.
Read Full Post
2 min
Patch Tuesday
Patch Tuesday - October 2017
Patch Tuesday round-up for October 2017
Read Full Post
8 min
Vulnerability Management
No-Priority, Post-Auth Vulnerabilities
In the course of collecting and disclosing vulnerabilities, I occasionally come
across an issue that walks like a vuln, quacks like a vuln, but… it’s not
exactly a vuln. As per our usual vulnerability disclosure process
[https://www.rapid7.com/disclosure/], we still report these issues to vendors.
The behavior observed is nearly always a bug of some sort, but it’s not
immediately exploitable, or the “exploit” is merely exercising the expected
level of privilege, but in an unexpected context.
Po
Read Full Post
3 min
InsightVM
Container Security Assessment in InsightVM
Earlier in the year in this blog post around modern network coverage and
container security in InsightVM
[/2017/05/24/modern-network-coverage-and-container-security-in-insightvm/], we
shared Rapid7’s plans to better understand and assess the modern and
ever-changing network with Docker and container security
[https://www.rapid7.com/solutions/containers-and-docker-security/]. We began by
introducing discovery of Docker hosts and images, as well as vulnerability
assessment and secure configuration
Read Full Post
1 min
Patch Tuesday
Patch Tuesday - September 2017
It's a big month, with Microsoft patching
[https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/5984735e-f651-e711-80dd-000d3a32fc99]
85 separate vulnerabilities including the two Adobe Flash Player Remote Code
Execution
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170013]
(RCE) fixes bundled with the Edge and Internet Explorer 11 updates. Continuing
recent trends, the bulk of Critical RCE vulnerabilities are client-side,
primarily in Edge, IE,
Read Full Post
2 min
Vulnerability Management
Apache Struts S2-052 (CVE-2017-9805): What You Need To Know
Apache Struts, Again? What’s Going On?
Yesterday’s Apache Struts vulnerability announcement
[https://www.bleepingcomputer.com/news/security/new-apache-struts-vulnerability-puts-many-fortune-companies-at-risk/]
describes an XML Deserialization issue in the popular Java framework for web
applications. Deserialization of untrusted user input, also known as CWE-502
[https://cwe.mitre.org/data/definitions/502.html], is a somewhat well-known
vulnerability pattern, and I would expect crimeware kits to
Read Full Post
4 min
Nexpose
Vulnerability Management Market Disruptors
Gartner’s recent vulnerability management report
[https://www.gartner.com/doc/3775765] provides a wealth of insight into
vulnerability management (VM) tools and advice for how to build effective VM
programs. Although VM tools and capabilities have changed since the report’s
last iteration in 2015, interestingly one thing hasn’t: Gartner’s analysis of
potential disruptors to VM tools and practices.
Great minds think alike, as we’ve been heavily investing in these areas to help
our customers over
Read Full Post
1 min
Patch Tuesday
Patch Tuesday - August 2017
It was a busy month this month with a total of 48 security issues fixed. All of
these have a severity of Critical or Important with Remote Code Execution
vulnerabilities again figuring highly, particularly for Microsoft Edge.
There were also a few publicly disclosed vulnerabilities that were fixed,
including CVE-2017-8633
[https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8633]
(Privilege Escalation with Windows Error Reporting). None of the disclosed
vulnerabilities
Read Full Post
2 min
Vulnerability Management
CVE-2017-5242: Nexpose/InsightVM Virtual Appliance Duplicate SSH Host Key
Today, Rapid7 is notifying Nexpose [https://www.rapid7.com/products/nexpose/]
and InsightVM [https://www.rapid7.com/products/insightvm/] users of a
vulnerability that affects certain virtual appliances. While this issue is
relatively low severity, we want to make sure that our customers have all the
information they need to make informed security decisions regarding their
networks. If you are a Rapid7 customer who has any questions about this issue,
please don't hesitate to contact your custome
Read Full Post
4 min
Vulnerability Management
Vulnerability Management Tips for the Shadow Brokers Leaked Exploits
Rebekah Brown [/author/rebekah-brown] and the Rapid7 team have delivered a
spot-on breakdown of the recent Shadow Brokers exploit and tool release. Before
you read any further, if you haven't done so already, please read her post
[/2017/04/18/the-shadow-brokers-leaked-exploits-faq]. It's probably not the only
post you've read on this topic, but it is cogent, well-constructed and worth the
5 minutes.
Back with me? With all of the media attention and discussion in the infosec
community, it would
Read Full Post
3 min
Endpoints
Live Vulnerability Monitoring with Agents for Linux...and more
A few months ago, I shared news of the release of the macOS Insight Agent
[/2016/12/29/macos-agent-in-nexpose-now]. Today, I'm pleased to announce the
availability of the the Linux Agent within Rapid7's vulnerability management
solutions [https://rapid7.com/solutions/vulnerability-management/]. The arrival
of the Linux Agent completes the trilogy that Windows and macOS began in late
2016. For Rapid7 customers, all that really matters is you've got new
capabilities to add to your kit.
Introducin
Read Full Post
5 min
CIS Controls
The CIS Critical Security Controls Explained - Control 3: Continuous Vulnerability Management
Welcome to the third blog post on the CIS Critical Security Controls
[https://rapid7.com/solutions/compliance/critical-controls/]! This week, I will
be walking you through the third Critical Control: Continuous Vulnerability
Management. Specifically, we will be looking at why vulnerability management
[https://rapid7.com/solutions/vulnerability-management/] and remediation is
important for your overall security maturity, what the control consists of, and
how to implement it.
Organizations operat
Read Full Post
5 min
CIS Controls
The CIS Critical Security Controls Explained - Control 5: Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
Stop No. 5 on our tour of the CIS Critical Security Controls
[https://www.rapid7.com/solutions/compliance/critical-controls/] (previously
known as the SANS Top 20 Critical Security Controls) deals with Secure
Configuration for Hardware and Software on Mobile Devices, Laptops,
Workstations, and Servers. This is great timing with the announcement of the
death of SHA1. (Pro tip: don't use SHA1
[https://arstechnica.com/security/2017/02/at-deaths-door-for-years-widely-used-sha1-function-is-now-dead/]
Read Full Post
6 min
GDPR
Preparing for GDPR Compliance: 10 Actionable Recommendations
GDPR is coming…..
If your organisation does business with Europe, or more specifically does
anything with the Personal Data of EU Citizens who aren't dead (i.e. Natural
Persons), then, just like us, you're going to be in the process of living the
dream that is Preparing for the General Data Protection Regulation (GDPR
compliance) [https://www.rapid7.com/solutions/compliance/gdpr/]. For many
organisations, this is going to be a gigantic exercise, as even if you have
implemented processes and tec
Read Full Post
4 min
Vulnerability Management
Vulnerability Management: Best Practices
We are often asked by customers for recommendations on what they should be
scanning, when they should be scanning, how they ensure remote devices don't get
missed, and in some cases why they need to scan their endpoints (especially when
they have counter-measures in place protecting the endpoints). This blog post is
intended to help you understand why running regular scans is a vital part of a
security program, and to give you options on how to best protect your ecosystem.
Q: What do I need to
Read Full Post
5 min
Haxmas
12 Days of Haxmas: Giving the Gift of Bad News
Merry HaXmas to you! Each year we mark the 12 Days of HaXmas [/tag/haxmas] with
12 blog posts on hacking-related topics and roundups from the year. This year,
we're highlighting some of the “gifts” we want to give back to the community.
And while these gifts may not come wrapped with a bow, we hope you enjoy them.
This holiday season, eager little hacker girls and boys around the world will be
tearing open their new IoT gadgets and geegaws, and set to work on evading
tamper evident seals, proxy
Read Full Post
3 min
Nexpose
Vulnerability Categories and Severity Levels: "Informational" Vulnerabilities vs. True Vulnerabilities
A question that often comes up when looking at vulnerability management tools
[https://www.rapid7.com/products/nexpose/?CS=blog] is, “how many vulnerability
checks do you have?” It makes sense on the surface; after all, less
vulnerability checks = less coverage = missed vulnerabilities during a scan
right?
As vulnerability researchers would tell you, it's not that simple: Just as not
all vulnerabilities are created equal, neither are vulnerability checks.
How “True” Vulnerability Checks Work
A
Read Full Post
5 min
Research
Research Report: Vulnerability Disclosure Survey Results
When cybersecurity researchers find a bug in product software, what's the best
way for the researchers to disclose the bug to the maker of that software? How
should the software vendor receive and respond to researchers' disclosure?
Questions like these are becoming increasingly important as more
software-enabled goods - and the cybersecurity vulnerabilities they carry -
enter the marketplace. But more data is needed on how these issues are being
dealt with in practice.
Today we helped publish
Read Full Post
5 min
Nexpose
Vulnerability Management: Live Assessment and the Passive Scanning Trap
With the launch of Nexpose Now [https://www.rapid7.com/products/nexpose/now.jsp]
in June, we've talked a lot about the “passive scanning trap
[https://information.rapid7.com/nexpose-now-release-webcast-6.14.html]” and
“live assessment” in comparison. You may be thinking: what does that actually
mean? Good question.
There has been confusion between continuous monitoring and continuous
vulnerability assessment
[https://www.rapid7.com/solutions/vulnerability-assessment.jsp] – and I'd like
to pr
Read Full Post
3 min
Nexpose
Vulnerability Assessment Reports in Nexpose: The Right Tool for the Right Job
Nexpose supports a variety of complementary reporting solutions that allows you
to access, aggregate, and take action upon your scan data. However, knowing
which solution is best for the circumstance can sometimes be confusing, so let's
review what's available to help you pick the right tool for the job.
I want to pull a vulnerability assessment report out of Nexpose. What are my
options?
Web Interface
The Nexpose web interface provides a quick and easy way to navigate through your
data. You ca
Read Full Post
5 min
Vulnerability Disclosure
Never Fear, Vulnerability Disclosure is Here
Last week, some important new developments in the way the US government deals
with hackers were unveiled
[https://medium.com/@SecDef/building-on-the-lessons-learned-from-hacking-the-pentagon-b5b58548b6a9#.u7xmdqrxs]
: the first ever vulnerability disclosure policy of the Department of Defense
[https://hackerone.com/deptofdefense]. Touted by Secretary Ash Carter as a ‘see
something, say something' policy for the digital domain, this not only provides
guidelines for reporting security holes in DoD
Read Full Post
5 min
Research
NCSAM: Coordinated Vulnerability Disclosure Advice for Researchers
This is a guest post from Art Manion [https://twitter.com/zmanion], Technical
Manager of the Vulnerability Analysis Team at the CERT Coordination Center
(CERT/CC) [http://www.cert.org/]. CERT/CC is part of the Software Engineering
Institute at Carnegie Mellon University.
October is National Cyber Security Awareness month and Rapid7 is taking this
time to celebrate security research. This year, NCSAM coincides with new legal
protections for security research under the DMCA
[/2016/10/03/cybersecu
Read Full Post
3 min
Nexpose
Publishing Nexpose Asset Risk Scores to ePO
Security professionals today face great challenges protecting their assets from
breaches by hackers and malware. A good vulnerability management solution
[https://www.rapid7.com/solutions/vulnerability-management.jsp?CS=blog] could
help mitigate these challenges, but vulnerability management solutions often
produce huge volumes of data from scanning and require lots of time spent in
differentiating between information and noise.
Rapid7 Nexpose [https://www.rapid7.com/products/nexpose/?CS=blog]
Read Full Post
3 min
Nexpose
Discovery of ePO Assets in Nexpose
As a corporate network grows and new locations are opened up, it becomes
increasingly difficult for companies to keep track of and understand their total
asset count and the associated risk exposure. Nexpose
[https://www.rapid7.com/products/nexpose/?CS=blog] lets you easily discover all
of your assets before a scan, but if that information is already in a great
asset management tool like McAfee ePO, why waste time and duplicate efforts? Now
you don't have to, with the ability to automatically im
Read Full Post
2 min
Nexpose
Nexpose integrates with McAfee ePO and DXL: The first unified vulnerability management solution for Intel Security customers!
We wanted to give you a preview into Nexpose's new integration with both McAfee
ePolicy Orchestrator (ePO) and McAfee Data Exchange Layer (DXL); this is the
next stage of our partnership with Intel as their chosen vendor for
vulnerability management [PDF]
[https://www.rapid7.com/docs/Product-Brief-Nexpose-MVM-with-feature-list-FINAL-120315.pdf]
. This partnership is also a first for both Rapid7 and Intel, as Nexpose is the
only vulnerability management
[https://www.rapid7.com/solutions/vulnerabi
Read Full Post
11 min
Vulnerability Disclosure
Multiple Bluetooth Low Energy (BLE) Tracker Vulnerabilities
Executive Summary
While examining the functionality of three vendors' device tracker products, a
number of issues surfaced that leak personally identifying geolocation data to
unauthorized third parties. Attackers can leverage these vulnerabilities to
locate individual users' devices, and in some cases, alter geolocation data for
those devices. The table below briefly summarizes the twelve vulnerabilities
identified across three products.
VulnerabilityDeviceR7 IDCVECleartext PasswordTrackR Brav
Read Full Post
4 min
Security Strategy
Checks and Balances - Asset + Vulnerability Management
Creating a Positive Feedback Loop
Recently I've focused on some specific use cases for vulnerability analytics
within a security operations program. Today, we're taking a step back to
discuss tying vulnerability management
[https://www.rapid7.com/solutions/vulnerability-management.jsp?CS=blog] back in
to asset management to create a positive feedback loop. This progressive,
strategic method can mitigate issues and oversights caused by purely tactical,
find-fix vulnerability cycles. And it can
Read Full Post
6 min
Metasploit
Establishing an Insider Threat Program for Your Organization
Whether employees realize it or not, they can wreak havoc on internal and
external security protocols. Employees' daily activities (both work and
personal) on their work devices (computers, smartphone, and tablets) or on their
company's network can inflict damage. Often called “insider threats,
[/2016/05/05/insider-threat-or-intruder-effective-detection-doesnt-care]”
employees' actions, both unintentional or intentional, are worth paying heed to
whenever possible. Gartner's Avivah Litan reported
Read Full Post
3 min
Vulnerability Management
Warning: This blog post contains multiple hoorays! #sorrynotsorry
Hooray for crystalware!
I hit a marketer's milestone on Thursday – my first official award ceremony,
courtesy of the folks at Computing Security Awards
[http://computingsecurityawards.co.uk/], which was held at The Cumberland Hotel
in London. Staying out late on a school night when there's a 16 month old
teething toddler in the house definitely took it's toll the following morning,
but the tiredness was definitely softened by the sweet knowledge that we'd left
the award ceremony brandishing som
Read Full Post
4 min
Nexpose
Creating your First Vulnerability Scan: Nexpose Starter Tips
Welcome to Nexpose and the Rapid7 family! This blog is a step by step guide for
new Nexpose [https://www.rapid7.com/products/nexpose/?CS=blog] customers to show
you how to set up your first site, start a scan, and get your vulnerability
management
[https://www.rapid7.com/solutions/vulnerability-management.jsp?CS=blog] program
under way.
First thing's first: A few definitions in Nexpose:
Site: A (usually) physical group of assets; i.e. what you want to scan
Scan Template: The things that your
Read Full Post
2 min
Vulnerability Disclosure
R7-2016-21 Nine Folders Certificate Validation Vulnerability (CVE-2016-6533)
Due to a lack of certificate validation with a configured remote Microsoft
Exchange server, Nine leaks associated Microsoft Exchange user credentials, mail
envelopes and their attachments, mailbox synchronization information, calendar
entries and tasks. This issue presents itself regardless of SSL/TLS trust
settings within the Nine server settings panel.
October 13, 2016 update: Version 3.1.0 was released by the vendor to address
these issues.
Credit
Discovered by Derek Abdine [https://twitter
Read Full Post
2 min
Nexpose
Live Monitoring with Endpoint Agents
At the beginning of summer, we announced some major enhancements
[https://www.rapid7.com/products/nexpose/now.jsp] to Nexpose including Live
Monitoring, Threat Exposure Analytics, and Liveboards, powered by the Insight
Platform [https://www.rapid7.com/trust/]. These capabilities help organizations
using our vulnerability management
[https://www.rapid7.com/solutions/vulnerability-management.jsp?CS=blog] solution
to spot changes as it happens and prioritize risks for remediation.
We've also been
Read Full Post
2 min
Nexpose
Vulnerability Remediation with Nexpose
At the beginning of summer, we announced some major enhancements
[https://www.rapid7.com/products/nexpose/now.jsp?CS=blog] to Nexpose
[https://www.rapid7.com/products/nexpose/?CS=blog] including Live Monitoring,
Threat Exposure Analytics, and Liveboards, powered by the Insight Platform
[https://www.rapid7.com/trust/?CS=blog]. These capabilities help organizations
using our vulnerability management
[https://www.rapid7.com/solutions/vulnerability-management.jsp?CS=blog] solution
to spot changes as
Read Full Post
4 min
Nexpose
InsightIDR & Nexpose Integrate for Total User & Asset Security Visibility
Rapid7's Incident Detection and Response
[https://www.rapid7.com/solutions/incident-detection/] and Vulnerability
Management [https://www.rapid7.com/solutions/vulnerability-management.jsp]
solutions, InsightIDR [https://www.rapid7.com/products/insightidr/] and Nexpose
[https://www.rapid7.com/products/nexpose/], now integrate to provide visibility
and security detection across assets and the users behind them. Combining the
pair provides massive time savings and simplifies incident investigation
Read Full Post
2 min
Nexpose
Remediating the CISCO EXTRABACON Vulnerability (CVE-2016-6366) with Nexpose
Recently, our research team recently wrote an extensive blog
[/2016/09/06/bringing-home-the-extrabacon?CS=blog] on the EXTRABACON exploit
(finally a name that we can all get behind). Our research with Project Sonar
showed that a large number of devices and organizations are still exposed to
this vulnerability, even though a patch has been released; and today I thought
we'd get pragmatic and show how you can measure your exposure using Nexpose
vulnerability management.
[https://www.rapid7.com/s
Read Full Post
4 min
Nexpose
Vulnerability Management Technique: Managing Asset Exclusion to Avoid Blind Spots
Don't Create Blind Spots
As a consultant for a security company like Rapid7, I get to see many of the
processes and procedures being used in Vulnerability Management
[https://www.rapid7.com/solutions/vulnerability-management.jsp] programs across
many types of companies. I must admit, in the last few years there have been
great strides in program maturity across the industry, but there is always room
for improvement. Today I am here to help you with one of these improvements –
avoiding asset risk
Read Full Post
2 min
Exploits
R7-2016-19: Persistent XSS via Unescaped Parameters in Swagger-UI (CVE-2016-5682)
Parameters within a Swagger document are insecurely loaded into a browser based
documentation. Persistent XSS occurs when this documentation is then hosted
together on a public site. This issue was resolved in Swagger-UI 2.2.1
[https://github.com/swagger-api/swagger-ui/releases/tag/v2.2.1].
Summary
One of the components used to build the interactive documentation portion of the
swagger ecosystem is the Swagger-UI [https://github.com/swagger-api/swagger-ui].
This interface generates dynamic docu
Read Full Post
3 min
Nexpose
Building A Vulnerability Management Program that Thinks Like an Attacker, But Prioritizes Like a Business
Vulnerabilities are not created equal, not when there are so many dependencies,
not only around the vuln itself, but it's applicability to your business. Sure,
CVSS helps, a little, but ultimately what it has left us all with is a long list
of 9s and 10s (or ‘high' alerts) and zero visibility into what to actually fix
first. Ideally your vulnerability management program is prioritizing
vulnerabilities by business impact, not just CVSS.
In 2009 Rapid7 acquired Metasploit [https://www.rapid7.com/
Read Full Post
2 min
Nexpose
Better, Faster, Stronger: Nexpose Scan Times improved by over 10x!
In any vulnerability management
[https://www.rapid7.com/solutions/vulnerability-management.jsp] program,
defenders are always racing against time to identify new exposures and get the
latest data. The recent Nexpose Now release made this easier than ever in
Nexpose, but active scans will always remain important. Over the past quarter,
we've made major strides in improving our scan engine performance so that
customers can get the data and the fixes they need fast enough to keep up with
the bad gu
Read Full Post
6 min
Vulnerability Management
Vulnerability Management Needs To Stop Slowing Security Improvement
Incremental improvement is great. Nothing, especially in the world of software,
is perfect when first released to the market, so iterative improvement is an
expectation every customer must have. But problems begin to arise for users when
incremental improvement becomes the accepted norm for long periods of time. Many
experts in the vulnerability management market believe that is what's happened
in the industry: vendors continuously spit out minimal, albeit important,
updates such as a new report
Read Full Post
3 min
Nexpose
Nexpose Now: Because Security Doesn't Wait
Attackers don't wait for your schedule, in fact, they try and take advantage of
your ‘windows of wait' when you're biding your time waiting for a scan. Just
think of your typical Patch Tuesday, when you walk in on Wednesday your
vulnerability management solution has all the checks, but then you wait for that
next scan. You wait for data to be recollected, assessed, and then hopefully
served up in a way that is intuitive and describes exactly what you need to do,
and when. At that point the work
Read Full Post
4 min
Verizon DBIR
2016 Verizon Data Breach Report: Vulnerability Management Takeaways
This year's 2016 Verizon Data Breach Investigations Report
[http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/] has plenty of
juicy data to pour over and for the past week we've been providing
recommendations for ways to improve your security program and stop attackers.
The report didn't provide any huge surprises, except for the fact that
everything that was bad just keeps getting worse. Thus, we've had some great
posts from my teammates focused on the Verizon Data Breach Investig
Read Full Post
2 min
Nexpose
Nexpose Content Release Cadence
Over the past year our Nexpose team has taken on the challenge of overhauling
our product and internal processes to enable more frequent and seamless content
releases. The objective is simple, get customers content to their consoles
faster without disrupting their workflow and currently running or scheduled
scans. This enables security teams to respond to industry trends much faster and
coupled with our new adaptive security feature enables low impact delta scans of
just the new or updated vulne
Read Full Post
5 min
Vulnerability Management
Using the National Vunerability Database to Reveal Vulnerability Trends Over Time
This is a guest post by Ismail Guneydas. Ismail Guneydas is senior technical
leader with over ten years of experience in vulnerability management, digital
forensics, e-Crime investigations and teaching. Currently he is a senior
vulnerability manager at Kimberly-Clark and an adjunct faculty at Texas A&M. He
has M.S. in computer science and MBA degrees.
2015 is in the past, so now is as good a time as any to get some numbers
together from the year that was and analyze them. For this blog post,
Read Full Post
2 min
Nexpose
Adaptive Security: Rapid7 Critical Vulnerability Category
Starting this week, we have added a new vulnerability category: Rapid7 Critical.
When we examine a typical vulnerability, each vulnerability comes with various
pieces of information such as CVE id, CVSS score, and others. These pieces of
information can be very handy especially when you set up Automated Actions in
Nexpose. Here is an example:
As you can see the example on the right, this trigger will initiate a scan
action if there is a new coverage available that meets the criteria of CVSS
Read Full Post
6 min
Government
Vulnerability Disclosure and Handling Surveys - Really, What's the Point?
Maybe I'm being cynical, but I feel like that may well be the thought that a lot
of people have when they hear about two surveys posted online this week to
investigate perspectives on vulnerability disclosure and handling. Yet despite
my natural cynicism, I believe these surveys are a valuable and important step
towards understanding the real status quo around vulnerability disclosure and
handling so the actions taken to drive adoption of best practices will be more
likely to have impact.
Hopef
Read Full Post
1 min
Vulnerability Management
Further Control of Dynamic Connections with Adaptive Security
As we have reached out to customers for feedback on Adaptive Security use cases
(see: Adaptive Security Overview [/2015/10/02/adaptive-security-overview] for
details on this feature), we have found that many customers would like to
control the outcome of the “New Asset discovered” trigger. They want to be able
to not just kick a scan since they either have some restrictions as to when to
scan, or they don't scan everything that comes out of DHCP (or other dynamic
source of assets), for some netw
Read Full Post
3 min
Nexpose
Nation's 'Hacker-in-Chief' Demonstrates Old Dog's Value
In today's security ecosystem, there are several technologies/programs that are
considered to be the old dogs. They've been around the block a few times, have
a few gray hairs, and just aren't as sexy anymore. Most companies have had
these technologies for years now, and they typically don't get the headlines
that some of the newer, hotter technologies are getting. Antivirus, Email
Security, Firewalls, and Vulnerability Management are a few of these. It's hard
to compete with big-data-machin
Read Full Post
8 min
Vulnerability Management
ScanNow DLL Search Order Hijacking Vulnerability and Deprecation
Overview
On November 27, 2015, Stefan Kanthak contacted Rapid7 to report a vulnerability
in Rapid7's ScanNow tool. Rapid7 takes security issues seriously and this was
no exception. In combination with a preexisting compromise or other
vulnerabilities, and in the absence of sufficient mitigating measures, a system
with ScanNow can allow a malicious party to execute code of their choosing
leading to varying levels of additional compromise. In order to protect the
small community of users who ma
Read Full Post
1 min
Nexpose
New Vulnerability Filtering in Adaptive Security
Nexpose has long provided the ability to filter vulnerabilities by a wide
variety of categories and operators. Starting in Nexpose 6.1, filtering in
new-vulnerability actions in Adaptive Security closely mirrors that of Nexpose.
New vulnerability actions were covered in a recent blog .How Adaptive Security
fits into your Vulnerability Management Program).
[/2015/11/20/how-adaptive-security-fits-into-your-vulnerability-management-program]
Similarity to Nexpose Filtering
The enhanced filters no
Read Full Post
4 min
Vulnerability Management
How Adaptive Security fits into your Vulnerability Management Program
Building an Application Vulnerability Management Program, found in the SANS
Institute Reading Room (
https://www.sans.org/reading-room/whitepapers/application/building-application-v
ulnerability-management-program-35297), identifies vulnerability program
management as a cyclical process involving the following steps:
* Policy
* Discovery and Baseline
* Prioritization
* Shielding and Mitigation
* Eliminating the Root Cause
* Monitoring
While the use of Nexpose applies to several of these
Read Full Post
6 min
Vulnerability Disclosure
Multiple Insecure Installation and Update Procedures for RStudio (R7-2015-10) (FIXED)
Prior to RStudio version 0.99.473, the RStudio integrated toolset for Windows is
installed and updated in an insecure manner. A remote attacker could leverage
these flaws to run arbitrary code in the context of the system Administrator by
leveraging two particular flaws in the update process, and as the RStudio user
via the third update process flaw. This advisory will discuss all three issues.
Since reporting these issues, RStudio version 0.99.473 has been released. This
version addresses all
Read Full Post
2 min
Vulnerability Management
Top 3 Takeaways from the "Detecting the Bear in Camp: How to Find your True Vulnerabilities" Webcast
In the webinar, “Detecting the Bear in Camp: How to Find your True
Vulnerabilities
[https://information.rapid7.com/detecting-the-bear-in-camp-how-to-find-your-true-vulnerabilities.html?CS=blog]
”, Jesika McEvoy and Ryan Poppa discussed what it takes to be successful in a
vulnerability centric world. Many companies fall short when it comes to
remediation after spending too much time trying to scan everything and find
every vulnerability. Jesika and Ryan shared best practices for how to avoid thi
Read Full Post
1 min
Android
Disclosure: Android Chrome Address Bar Spoofing (R7-2015-07)
Android Chrome Address Bar Spoofing (R7-2015-07)
Summary
Due to a problem in handling 204 "No Content" responses combined with a
window.open event, an attacker can cause the stock Chrome browser on Android to
render HTML pages in a misleading context. This effect was confirmed on an
Android device running Lollipop (5.0). An attacker could use this vulnerability
to convince a victim of a phishing e-mail, text, or link to enter private
credentials to an untrusted page controlled by the attacker.
Read Full Post
3 min
Exploits
R7-2015-01: CSRF, Backdoor, and Persistent XSS on ARRIS / Motorola Cable Modems
By combining a number of distinct vulnerabilities, attackers may take control of
the web interface for popular cable modems in order to further compromise
internal hosts over an external interface.
Affected Product
ARRIS / Motorola SURFboard SBG6580 Series Wi-Fi Cable Modem
The device is described by the vendor as a "fully integrated all-in-one home
networking solution that combines the functionality of a DOCSIS/EuroDOCSIS 3.0
cable modem, four-port 10/100/1000 Ethernet switch with advanced fi
Read Full Post
1 min
Vulnerability Management
March 2015 OpenSSL Security Advisory
Today OpenSSL released a security advisory
[https://openssl.org/news/secadv_20150319.txt] listing 14 vulnerabilities
affecting various versions of OpenSSL. There are 2 High, 9 Moderate, and 3 Low
severity vulnerabilities in the mix.
The security community was anxious that there could be another Heartbleed (or
worse) in this list. Thankfully, this is NOT the case, even among the High
severity vulnerabilities. Many of these vulnerabilities are limited in their
scope, impact, and/or prevalence (es
Read Full Post
3 min
Vulnerability Disclosure
Weekly Metasploit Wrapup
McAfee ePO Vulnerability Disclosure
This week, we have another delightful exploit from our dear friend Brandon
Perry, which targets McAfee's ePolicy Orchestrator. This bug was disclosed on
the Full Disclosure mailing list [http://seclists.org/fulldisclosure/2015/Jan/8]
on January 8, hit the Metasploit pull request queue
[https://github.com/rapid7/metasploit-framework/pull/4586] on January 14, and
was committed to the master branch of Metasploit Framework on January 18th,
whereupon it got picked
Read Full Post
9 min
Vulnerability Disclosure
R7-2014-12: More Amplification Vulnerabilities in NTP Allow Even More DRDoS Attacks
Overview
As part of Rapid7 Labs' Project Sonar [https://sonar.labs.rapid7.com/], among
other things, we scan the entire public IPv4 space (minus those who have opted
out) looking for listening NTP servers. During this research we discovered some
unknown NTP servers responding to our probes with messages that were entirely
unexpected. This lead to the writing of an NTP fuzzer in Metasploit
[https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/fuzzers/ntp/ntp_protocol_fuz
Read Full Post
1 min
Vulnerability Management
Done with Vulnerability Management 101? Build an advanced risk management program
Nobody wants to be part of a team that just chugs along, sight unseen until The
Next Big Crisis hits—advanced security teams know how to provide true business
value every day, and they have the results to prove it, too.
These security teams know that the key to their success is not playing
whack-a-mole with whatever vulnerabilities they have time to address, but rather
they take a step back and look at the whole business for context and cues. Not
all assets are equally important to a business--
Read Full Post
13 min
Zero-day
R7-2013-19 Disclosure: Yokogawa CENTUM CS 3000 Vulnerabilities
On Saturday, March 8th, @julianvilas [https://twitter.com/julianvilas] and I
spoke at RootedCON [https://www.rootedcon.es/?lang=en] about our work with the
Yokogawa CENTUM CS3000 product. Today, as promised, we're publishing details for
three of the vulnerabilities found in the product. For all of you who weren't
able to attend RootedCON, we're going just to quote the Yokogawa description of
their own product
[http://www.yokogawa.com/dcs/products/cs3000/overview/dcs-3k-0101en.htm] in
order to in
Read Full Post
3 min
Open Source
Metasploit Weekly Update: On Breaking (and Fixing!) Security Software
Attacking Security Infrastructure
This week, one module stands out for me: the Symantec Endpoint Protection
Manager Remote Command Execution
[http://www.metasploit.com/modules/exploit/windows/antivirus/symantec_endpoint_manager_rce]
by xistence [https://github.com/xistence], who built on the proof-of-concept
code from Chris Graham [http://www.exploit-db.com/exploits/31853/], who turned
that out after Stefan Viehbock's disclosure from last week. You can read the
full disclosure text from SEC Co
Read Full Post
1 min
Awards
And the winner is...you!
On Saturday night, amidst the neon lights and smoke-filled casinos of Las Vegas,
Rapid7's Support team won an award: the 2014 Silver Stevie for Best Frontline
Customer Service Team. This holds special meaning to us, because the award isn't
really about Rapid7. It's about our customers.
Over the years Rapid7 Support has built strong relationships with countless
organizations on their journey towards a well-managed information security
program. Our team of experts strives to make the support proc
Read Full Post
1 min
Vulnerability Management
Rapid7 Given Vulnerability Management Market Penetration Leadership Award by Frost & Sullivan
This week, we proudly announced that Frost & Sullivan has presented Rapid7 with
the Global Vulnerability Management Market Penetration Leadership award.
So what does that mean, exactly? In a nutshell: We're growing really fast.
Faster than anyone else in this space, in fact.
“Rapid7 is renowned for its reputation in vulnerability management, which is an
integral part of any security program,” said Chris Kissel, Frost & Sullivan
industry analyst, in the report. “Because Rapid7 has made signif
Read Full Post
1 min
Nexpose
NEX-37823 XSS in Nexpose vuln-summary.jsp (Fixed)
Nexpose users are urged to update to the lastest version of Nexpose to receive
the patch for the described security vulnerability. Note that by default,
Nexpose installations update themselves automatically.
A cross-site scripting (XSS) vulnerability has been discovered by Yunus ÇADIRCI
[https://twitter.com/yunuscadirci] and subsequently patched in recent versions
of Rapid7's Nexpose vulnerability scanner.
By providing URL-encoded HTML tags (including script tags), an unauthenticated
attacker
Read Full Post
4 min
Vulnerability Disclosure
Supermicro IPMI Firmware Vulnerabilities
Introduction
This post summarizes the results of a limited security analysis of the
Supermicro IPMI firmware. This firmware is used in the baseboard management
controller (BMC) of many Supermicro motherboards.
The majority of our findings relate to firmware version SMT_X9_226. The
information in this post was provided to Supermicro on August 22nd, 2013 in
accordance with the Rapid7 vulnerability disclosure policy. More information on
this policy can be found online at http://www.rapid7.com/disc
Read Full Post
5 min
Vulnerability Disclosure
Seven FOSS Tricks and Treats (Part One)
Adventures in FOSS Exploitation, Part One: Vulnerability Discovery
This is the first of a pair of blog posts covering the disclosure of seven new
Metasploit modules exploiting seven popular free, open source software (FOSS)
projects. For technical details on the security issues for the applications
discussed here, see Brandon Perry's exhaustive blog post
[/2013/10/30/seven-tricks-and-treats].
Back over DEFCON, Metasploit contributor Brandon Perry decided to peek in on
SourceForge, that grand-da
Read Full Post
9 min
Vulnerability Disclosure
Seven FOSS Tricks and Treats (Part Two)
Adventures in FOSS Exploitation, Part Two: Exploitation
This is part two of a pair of articles about disclosing vulnerabilities in a set
of FOSS projects, see part one [/2013/10/30/seven-foss-disclosures-part-one] for
some background on these vulnerabilities in particular, and some general advice
for FOSS developers and maintainers.
A while back, I started a project to go over some of the top Sourceforge web
applications and try to write some Metasploit modules for them. In the end, I
was able
Read Full Post
2 min
Microsoft
Patch Tuesday - April 2013 Edition!
The April 2013 MS Tuesday advisories are is out and it forecasts an interesting
patching session for Microsoft administrators. There are 9 advisories, for 14
CVEs, affecting 16 distinct platforms in 5 categories of Microsoft products,
including the not-often-seen patching of “Microsoft Office Web Apps” and
“Microsoft Security Software”.
Once again there is an IE patch (MS13-028) which is rated critical, but this one
differs from last month's incarnation by applying to all supported versions
Read Full Post
2 min
Microsoft
Microsoft Security Bulletin Summary for December 2012
Microsoft Security Bulletin Summary for December 2012 contains seven bulletins;
five critical and two important. The key take away for this month's patch cycle
is that most of the impact related to these vulnerabilities can be drastically
minimized if the “least privilege” principle is enforced in organizations. It's
always a good idea to look at the proliferation of administrative accounts, and
many organizations can bring in the new year with fresh patches and limiting
their administrative ac
Read Full Post
1 min
Metasploit
Webcast: Decrease Your Risk of a Data Breach - Effective Security Programs with Metasploit
Thanks for the many CISOs and security engineers who attended our recent
webcast, in which I presented some practical advice on how to leverage
Metasploit to conduct regular security reviews that address current attack
vectors. While Metasploit is often used for penetration testing projects, this
presentation focuses on leveraging Metasploit for ongoing security assessments
that can be achieved with a small security team to reduce the risk of a data
breach.
This webcast is now available for on-
Read Full Post
1 min
Metasploit
UNITED Security Summit - Your Man on the Street
Hello all,
I'm Patrick Hellen, the Community Manager for SecurityStreet. This week, I'm
going to be coming to you live from the San Francisco show floor of the UNITED
Security Summit, giving my impressions of what's happening at the event over the
next week. I'll be speaking about everything, from the topics in the various
talk tracks, to the sheer amount of fun at the party.
I'll also be hijacking the Rapid7 Twitter feed for the next few days - to make
sure you're up to date on my random path
Read Full Post
1 min
Microsoft
Microsoft Security Bulletin Summary for August 2012
Microsoft's Patch Tuesday Security Bulletin Summary for August 2012 contains
nine bulletins and addresses 28 vulnerabilities.
MS12-052 is a critical patch for four vulnerabilities in Internet Explorer 6, 7,
and 8. This bulletin is a continuation in Microsoft's monthly Internet Explorer
patch cadence. This should be number one on organizations' and consumers' “must
patch” list.
MS12-053, labeled as critical, patches yet another Remote Desktop Protocol (RDP)
vulnerability, though Microsoft st
Read Full Post
3 min
Networking
SOC Monkey - Week in Review - 7.2.2012
Happy Monday Monkeynauts!
My Free App [http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8] from
the Apple App Store [http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8]
had these following links as it's most repeated and retweeted last week. Let's
take a look at what had everyone buzzing.
First up this week, is the response from RSA to a few posts saying they were
hacked: Don't Believe Everything You Read; Your RSA SecurID Token is Not
Cracked.
[http://blogs.rsa.com/curry/d
Read Full Post
5 min
Compliance
5 NON-TECHNICAL REASONS ORGANIZATION GET BREACHED
For every data breach that makes the headlines, there are tens to hundreds that
go unreported by the media, unreported by companies, or even worse, go
unnoticed.
The rash of negative publicity around organizations that have experienced data
breaches would appear to be a sufficient motivator to whip corporate leaders
into bolstering their security programs in order to prevent from being the next
major headline. If that is not reason enough, the litany of regulations imposed
on certain industries
Read Full Post
2 min
Microsoft
Microsoft Security Bulletin Summary for June 2012
The Microsoft Security Bulletin Summary for June 2012 contains 7 bulletins
addressing 28 security bugs. Three of the bulletins are rated “critical” and
the rest “important”.
MS12-036 is a critical bulletin that addresses vulnerabilities allowing an
attacker remote code execution related to the Windows Remote Desktop Protocol
(RDP). This relates to MS12-020, which had organizations on high alert in March
after Microsoft issued warnings that the vulnerability could be weaponized to
result in wid
Read Full Post
1 min
Exploits
Oracle Issues Java Security Fixes
Oracle released Java Release 7 Update 5 and Java Release 6 Update 33 in order to
patch several security vulnerabilities. I expect older versions to have public
exploit code available soon. IsJavaExploitable.com
[http://isjavaexploitable.com/] has been updated to assist everyone in detecting
if they need to upgrade. Apple has also made patches available for OS X, which
is a testament to Apple improving their consumer security. In the last couple of
months Apple has made drastic improvements on re
Read Full Post
3 min
Networking
SOC Monkey - Week In Review - 6.11.12
Dear Monkeynauts,
As some of you might have noticed, I've moved my publication date out to Monday
going forward. This gives you the entire weekend to download my App
[http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8], from the Apple
App
Store! [http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8]
I'm sure it's no surprise to all of you, that our most retweeted and talked
about topic this week is of course Linkedin, and their very large password leak,
followed swiftly by the
Read Full Post
3 min
Penetration Testing
SOC Monkey Week in Review - 5.4.12
Monkey Minions! I have returned! For those of you who still have not done so,
make sure to download my SOC Monkey App
[http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8], from the Apple
App
Store [http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8]. Still free,
still fantastic.
First up this week is the latest attempt of some type of legislation aimed at
cybersecurity: Passage of CISPA in the U.S. House highlights need for viable
cybersecurity legislation.
[http://radar.oreil
Read Full Post
2 min
Compliance
SOC Monkey Week in Review - 4.26.12
Dearest Monkey Minions,
It is once again your favorite Simian InfoSec curator, bringing you the most
interesting bits and pieces from my App
[http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8], that is, as you
know, free in the Apple App Store
[http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8].
This week, I'm actually traveling out there in that big wide world, so I'm going
to keep this relatively simple. Next week, my normal big monkey mouth will be
back in force, with lots
Read Full Post
3 min
Networking
SOC Monkey Week in Review - 4.19.12
Welcome back my Monkey minions, to the SOC Monkey Week In Review, (download me
now from the Apple App Store!
[http://itunes.apple.com/us/app/soc-monkey/id500480953?mt=8], I'm free!)
I'm starting off this week with a rather lengthy post about Cyberwar
[http://www.foreignpolicy.com/articles/2012/02/27/cyberwar?page=full] and all
the hype surrounding it. The article does a great job of pulling together all
the existing and threatened cyber attacks that have been targeted towards
Governmental entit
Read Full Post
1 min
Networking
Leveraging Security Risk Intelligence to Improve Your Security Posture
As most of you probably know, attackers routinely target exploitable weaknesses
of security systems rather than pre-identifying victims for their attacks. Also,
most breaches that occur in database security systems are avoidable without
expensive or sophisticated countermeasures.
In its 2012 Data Breach Investigations Report, Verizon
[http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf]
registered 174 million compromised records for 2011, compar
Read Full Post
2 min
Microsoft
Microsoft Security Bulletin Summary for April 2012
Microsoft Security Bulletin Summary for April 2012 contains six bulletins, four
of which are rated “critical”. All of the critical bulletins would result in
remote code execution. One of the important bulletins – MS12-028 – could also be
looked on as critical because it's easy to exploit and results in remote code
execution.
MS12-023 is a cumulative security update for Internet Explorer that patches six
vulnerabilities. This should be the top priority for organizations as users
could be compro
Read Full Post
2 min
Metasploit
Myth Busted: Apple is Hacker Proof
Update 4/4/2012: Apple released a patch for Java last night.
The first thing I'd like to say is that I am an Apple fanboy and can usually be
found defending them vigorously like any loyal fanboy would. I hear time and
time again from other Apple users that Apple products are "hacker proof", which
is a total myth. My buddy Jayson Street says Apple products are perceived as
shiny magical things, which I guess adds to the myth.
Mac users are so use to hearing about exploits that only affect Win
Read Full Post
1 min
Vulnerability Management
Verizon 2012 Data Breach Investigations Report
Verizon's 2012 Data Breach Investigations Report was just released and here are
my quick thoughts:
While there was an increase in the number of breaches, the good news is that 97%
of breaches were avoidable through simple or intermediate controls. There is a
low barrier for entry to pull off the majority of these breaches, with 96% of
attacks not particularly difficult to execute. In fact, I have yet to see any
credible reports linking more than single digit percentages to advanced attacks
and
Read Full Post
1 min
Nexpose
How to Check for Remote Desktop Protocol (RDP) Services
There are many organizations concerned with the critical Microsoft Security
Bulletin MS12-020
[http://technet.microsoft.com/en-us/security/bulletin/ms12-020] Remote Desktop
Protocol (RDP) vulnerability. Here is a quick way to check if you have Remote
Desktop Protocol running on your system or network. I used NMAP
[http://nmap.org/] to check my home network.
In the highlighted text below you can see that NMAP can check for the RDP
service running. If you can't patch, this is important because at
Read Full Post
2 min
Patch Tuesday
Microsoft Security Bulletin Summary for March 2012
The Microsoft Security Bulletin Summary for March 2012 covers one critical, four
important bulletins, and one moderate for a total of six bulletins.
MS12-020 is labeled as critical and affects all Windows XP Service Pack 3,
Windows Vista, Windows 7, Windows Server 2003, Windows Server 2008, and Windows
Server 2008 R2 that are running remote desktop protocol (RDP). RDP is used for
remote management by many organizations, and this will remind people of the
pcAnywhere vulnerabilities in the press
Read Full Post
2 min
Patch Tuesday
Microsoft Security Bulletin Summary for February 2012
In the Microsoft Security Bulletin Summary for February 2012, Microsoft released
nine bulletins to address 20 vulnerabilities. Instead of love on Valentine's
day, organizations may have fear pumping through their hearts when you couple
the recent news of several high profile breaches with Patch Tuesday.
There are four bulletins rated “critical” and they will likely affect all
organizations. The critical bulletins are MS12-008, MS12-010, MS12-013, and
MS12-016 which are all related to browsers a
Read Full Post
2 min
Metasploit
Getting The Most Out of Metasploit: Pentesting, Password Auditing, and Vulnerability Validation
When we talk to Metasploit users, they usually use it for either penetration
testing, password auditing or vulnerability validation, but few use it for more
than one of these purposes. By leveraging your investment in Metasploit, you can
triple-dip at the same price - no extra licenses needed.
Penetration Testing
With penetration testing, you can identify issues in your security
infrastructure that could lead to a data breach. Weaknesses you can identify
include exploitable vulnerabilities, we
Read Full Post
2 min
Microsoft
Microsoft Security Bulletin for January 2012
Only one of the bulletins is rated “Critical”: MS12-004, which is a
vulnerability relating to Windows Media Player. Exploiting this vulnerability
would allow remote code execution and this should be of top concern for both
companies and private users. This vulnerability can be exploited by embedded
malicious Windows Media Players in web pages. This should serve as a reminder
that we should expect researchers and attackers to continue to exploit client
applications such as media players and brow
Read Full Post
1 min
Penetration Testing
10 Places to Find Vulnerable Machines for Your Lab
It can sometimes be challenging to find vulnerable machines for your penetration
testing or vulnerability management lab. Here's a list of vulnerable machines
you should check out:
1. Metasploitable
[http://information.rapid7.com/download-metasploitable.html?LS=1631875&CS=web]
2. UltimateLAMP [http://ronaldbradford.com/tmp/UltimateLAMP-0.2.zip]
3. Web Security Dojo [http://sourceforge.net/projects/websecuritydojo/files/]
4. OWASP Hackademics
[https://code.google.com/p/owasp-ha
Read Full Post
2 min
Patch Tuesday
October 2011 Patch Tuesday
This month, Microsoft issued eight bulletins, addressing 23 vulnerabilities
across Microsoft Windows, Silverlight, .NET and Forefront product lines. Only
two bulletins were rated 'critical', and the rest were rated 'important'.
In terms of prioritizing patching, when I look at security vulnerabilities,
first I want to understand which ones can have the most widespread impact.
MS11-081is a cumulative update which affects Internet Explorer, so it relates to
both corporate and home users. These v
Read Full Post
1 min
Metasploit
Consulting for Profit: Building a Business on Security Assessments
Are you looking to expand your security consulting practice? Many companies
around the world have built a successful business by packaging vulnerability
management and penetration testing into the following services:
* Security assessments
* Deployment services
* Security awareness
* PCI Compliance * 11.2 Vulnerability Management
* 11.3 Penetration Testing
* Compliance and governance
* Managed security services
* Trainings
We've heard from a lot of the security consul
Read Full Post