3 min
Incident Response
Energize Your Incident Response and Vulnerability Management With Crowdsourced Automation Workflows
Bringing the spirit of open source to security workflow automation can help you detect and address breaches quickly, before they become major incidents.
6 min
Patch Tuesday
Patch Tuesday - August 2021
Hot off the press, it’s another issue of the Patch Tuesday blog! While the
number of vulnerabilities is low this month, there are a number of high risk
items administrators will want to patch right away including a few that will
require additional remediation steps. This Patch Tuesday also includes updates
for three vulnerabilities that were publicly disclosed earlier this month. Let’s
jump in.
Windows Elevation of Privilege Vulnerability aka HiveNightmare/SeriousSAM
https://msrc.microsoft.com/
11 min
Public Policy
Hack Back Is Still Wack
The appeal of hack back is easy to understand, but that doesn't make the idea workable. Here, we outline why Rapid7 is against the authorization of private-sector hack back.
8 min
Ransomware
Slot Machines and Cybercrime: Why Ransomware Won't Quit Pulling Our Lever
Ransomware remains a significant problem, partly because the incentives for everyone, including victims, are there to increase the number of ransomware attacks.
7 min
Ransomware
The Ransomware Task Force: A New Approach to Fighting Ransomware
The Institute for Security and Technology put together a comprehensive Ransomware Task Force (RTF) to identify new approaches to shift the dynamics of ransomware and reduce opportunities for attackers.
4 min
Metasploit
Metasploit Wrap-Up: Jul. 23, 2021
Now I Control Your Resource Planning Servers
Sage X3 is a resource planning product designed by Sage Group which is designed
to help established businesses plan out their business operations. But what if
you wanted to do more than just manage resources? What if you wanted to hijack
the resource server itself? Well wait no more, as thanks to the work of Aaron
Herndon [https://www.linkedin.com/in/aaron-herndon-54079b5a/], Jonathan Peterson
[https://www.linkedin.com/in/jonathan-p-004b76a1/], Will
3 min
InsightVM
What’s New in InsightVM: Q2 2021 in Review
Here is a rundown of new features and functionality launched in Q2 2021 for InsightVM and the Insight Platform.
9 min
Vulnerability Management
Patch Tuesday - July 2021
Microsoft has patched another 117 CVEs
[https://msrc.microsoft.com/update-guide/releaseNote/2021-Jul], returning to
volumes seen in early 2021 and most of 2020. It would appear that the recent
trend of approximately 50 vulnerability fixes per month was not indicative of a
slowing pace. This month there were 13 vulnerabilities rated Critical with
nearly the rest being rated Important. Thankfully, none of the updates published
today require additional steps to remediate, so administrators should b
2 min
Emergent Threat Response
ForgeRock Access Manager/OpenAM Pre-Auth Remote Code Execution Vulnerability (CVE-2021-35464): What You Need To Know
On June 29, 2021, researcher Michael Stepankin (@artsploit) posted details of a pre-auth remote code execution (RCE) vulnerability, CVE-2021-35464, in ForgeRock Access Manager identity and access management software that front-ends web applications and remote access solutions in many enterprises.
4 min
Vulnerability Management
InsightVM Release Announcement: Global Dashboard Filters
InsightVM users have been able to create dashboards, add different visualizations in the form of cards and apply filters to these cards. Rapid7 also provided dashboard templates which enabled users to create views focusing on scenarios
3 min
Vulnerability Management
Attack Surface Analysis Part 1: Vulnerability Scanning
In this three-part series, we’ll explore key considerations and strategies for choosing an attack surface analysis strategy. We’ll start with vulnerability assessment below.
8 min
Vulnerability Disclosure
Akkadian Provisioning Manager Multiple Vulnerabilities Disclosure (Fixed)
Researchers discovered a trio of vulnerabilities in the Akkadian Provisioning Manager version 4.50.18.
5 min
Vulnerability Management
Patch Tuesday - June 2021
It is another low volume Patch Tuesday this month as Microsoft releases fixes
for 50 vulnerabilities. This should not diminish the importance of speedily
applying the updates. 6 of the vulnerabilities being patched this month are
0-days under active exploitation (CVE-2021-31955
[https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31955],
CVE-2021-31956
[https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31956],
CVE-2021-33739
[https://msrc.microsoft.com/updat
4 min
Vulnerability Disclosure
CVE-2021-3198 and CVE-2021-3540: MobileIron Shell Escape Privilege Escalation Vulnerabilities
Discovered by Rapid7 researcher William Vu, Ivanti MobileIron Core versions 10.7.0.1-9 and 11.0.0.1-3 suffer from 2 restricted-shell escape vulnerabilities.
2 min
Emergent Threat Response
CVE-2021-21985: What you need to know about the latest critical vCenter Server vulnerability
On Tuesday, May 25, 2021, VMware published security advisory VMSA-2021-0010
[https://www.vmware.com/security/advisories/VMSA-2021-0010.html], which includes
details on CVE-2021-21985, a critical remote code execution vulnerability in the
vSphere Client (HTML5) component of vCenter Server (6.5, 6.7, and 7.0) and
VMware Cloud Foundation (3.x and 4.x). The vulnerability arises from lack of
input validation in the Virtual SAN Health Check plug-in, which is enabled by
default in vCenter Server. Succe