6 min
Vulnerability Management
Patch Tuesday - February 2022
February 2022's fixes from Microsoft are relatively light as far as Patch Tuesdays go.
10 min
Patch Tuesday
Patch Tuesday - January 2022
The first Patch Tuesday of 2022 sees Microsoft publishing fixes for over 120
CVEs across the bulk of their product line, including 29 previously patched CVEs
affecting their Edge browser via Chromium. None of these have yet been seen
exploited in the wild, though six were publicly disclosed prior to today. This
includes two Remote Code Execution (RCE) vulnerabilities in open source
libraries that are bundled with more recent versions of Windows: CVE-2021-22947
[https://msrc.microsoft.com/update-
6 min
Log4Shell
Log4Shell Strategic Response: 5 Practices for Vulnerability Management at Scale
Where do you begin to respond to a critical vulnerability like the one in Apache’s Log4j Java library (a.k.a. Log4Shell)? Start with these 5 concepts.
7 min
Vulnerability Management
Patch Tuesday - December 2021
This month’s Patch Tuesday comes in the middle of a global effort to mitigate Apache Log4j CVE-2021-44228.
8 min
InsightVM
Using InsightVM to Find Apache Log4j CVE-2021-44228
How to use InsightVM or Nexpose to detect exposure to Log4Shell CVE-2021-44228 in your environment, plus additional detail about how our various vulnerability checks work under the hood.
2 min
InsightVM
Distribute Reports to Email Addresses in InsightVM
A new email reports feature in InsightVM allows users to easily and quickly distribute reports to users who may not have access to the platform.
3 min
SOAR
Better Together: XDR, SOAR, Vulnerability Management, and External Threat Intelligence
Effectively prioritizing security incidents comes down to having the right data and intelligence from inside your IT environment and the world outside.
3 min
Metasploit
Metasploit Wrap-Up
GitLab RCE
New Rapid7 team member jbaines-r7 [https://github.com/jbaines-r7] wrote an
exploit targeting GitLab via the ExifTool command. Exploiting this vulnerability
results in unauthenticated remote code execution as the git user. What makes
this module extra neat is the fact that it chains two vulnerabilities together
to achieve this desired effect. The first vulnerability is in GitLab itself and
can be leveraged to pass invalid image files to the ExifTool parser, which
contained the second v
4 min
InsightVM
InsightVM Scan Diagnostics: Troubleshooting Credential Issues for Authenticated Scanning
Scan Diagnostics will report a “vulnerable” result against assets when the Scan Engine is supplied with credentials but unable to gather local information.
6 min
InsightVM
Passwordless Network Scanning: Same Insights, Less Risk
The Scan Assistant is a lightweight service within InsightVM Network Scan Engine that can scan against targets without the need to provide credentials.
7 min
Vulnerability Management
Patch Tuesday - October 2021
Today’s Patch Tuesday sees Microsoft issuing fixes
[https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct] for over 70 CVEs,
affecting the usual mix of their product lines. From Windows, Edge, and Office,
to Exchange, SharePoint, and Dynamics, there is plenty of patching to do for
workstation and server administrators alike.
One vulnerability has already been seen exploited in the wild: CVE-2021-40449
[https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40449] is
an elev
3 min
InsightVM
What's New in InsightVM: Q3 2021 in Review
In today's post, we're giving a rundown of new features and functionality launched in Q3 2021 for InsightVM and the Insight Platform.
6 min
Research
For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy
When it comes to the state of patching for recent Exchange Server vulnerabilities, the picture is more incomplete than you'd think.
1 min
Lost Bots
[The Lost Bots] Episode 6: D&R + VM = WINNING!
In this episode, Practice Advisor Devin Krugly joins to discuss how Detection and Response + Vulnerability Management = a winning combination.
2 min
Emergent Threat Response
Critical vCenter Server File Upload Vulnerability (CVE-2021-22005)
On Tuesday, September 21, 2021, VMware published details on a critical file upload vulnerability in vCenter Server.