All Posts

3 min Detection and Response

Are You in the 2.5% Who Meet This Cybersecurity Job Requirement?

Multitasking has become a cybersecurity job requirement, but with the right technology, there could be a better way.

2 min Emergent Threat Response

CVE-2022-22972: Critical Authentication Bypass in VMware Workspace ONE Access, Identity Manager, and vRealize Automation

On May 18, 2022, VMware published an advisory on CVE-2022-22972, a critical authentication bypass affecting multiple solutions.

3 min Application Security

Find, Fix, and Report OWASP Top 10 Vulnerabilities in InsightAppSec

The OWASP 2021 Attack Template and Report for InsightAppSec helps you use the updated categories from OWASP to inform and focus your AppSec program.

1 min Vulnerability Management

Maximize Your VM Investment: Fix Vulnerabilities Faster With Automox + Rapid7

The new Automox plugin for Rapid7 InsightConnect closes the aperture of attack for vulnerability findings and automates remediation.

4 min Metasploit

Metasploit Weekly Wrap-Up

Spring4Shell module: Community contributor vleminator [https://github.com/vleminator] added a new module [https://github.com/rapid7/metasploit-framework/pull/16423] which exploits CVE-2022-22965 [https://attackerkb.com/topics/xtgLfwQYBm/cve-2022-22965?referrer=blog], more commonly known as "Spring4Shell." Depending on its deployment configuration [https://attackerkb.com/topics/xtgLfwQYBm/cve-2022-22965/rapid7-analysis?referrer=blog], Java Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19

3 min Cloud Security

Update for CIS Google Cloud Platform Foundation Benchmarks - Version 1.3.0

The Center for Internet Security (CIS) recently released an updated version of their Google Cloud Platform Foundation Benchmarks - Version 1.3.0.

5 min Vulnerability Disclosure

CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection

Rapid7 discovered and reported a vulnerability that affects Zyxel firewalls supporting Zero Touch Provisioning (ZTP), identified as CVE-2022-30525.

2 min Security Nation

[Security Nation] Jim O’Gorman and g0tmi1k on Kali Linux

In this episode of Security Nation, Jen and Tod sit down with Jim O’Gorman and Ben “g0tmi1k” Wilson of Offensive Security to chat about Kali Linux.

7 min Vulnerability Management

Patch Tuesday - May 2022

This month is par for the course in terms of both number and severity of vulnerabilities being patched by Microsoft. There is one 0-day this month: CVE-2022-26925, a Spoofing vulnerability in the Windows Local Security Authority (LSA) subsystem.

3 min Cybersecurity

What's Changed for Cybersecurity in Banking and Finance: New Study

The results of a new VMware study show a changing landscape for cybersecurity in banking and finance.

2 min Emergent Threat Response

Active Exploitation of F5 BIG-IP iControl REST CVE-2022-1388

On May 4, 2022, F5 released an advisory on CVE-2022-1388, a critical authentication bypass that leads to remote code execution in iControl REST.

1 min Cloud Security

[Infographic] Cloud Misconfigurations: Don't Become a Breach Statistic

Our latest infographic highlights some key commonalities uncovered in our 2022 Cloud Misconfigurations Report.

3 min Metasploit

Metasploit Wrap-Up

Three new exploit modules, and an update for Windows 11 support

1 min Detection and Response

Unsung Security Superheroes: You’re Now Sung

Learn about the adventures of our CISO hero Adira Adama in Rapid7's first comic, XDR vs. Exploito.

11 min Application Security

XSS in JSON: Old-School Attacks for Modern Applications

This post highlights how cross-site scripting has adapted to today's modern web applications, specifically APIs and JavaScript Object Notation (JSON).
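The point behind that teaser, shown as an added example rather than code from the Rapid7 post: a value that arrives as a JSON field from an API is still attacker-controlled text, and the classic injection reappears the moment a client concatenates it into markup. The API response and field names below are constructed for illustration; the vulnerable renderer and the hardened one differ only in whether the field is entity-encoded before it reaches HTML.

```javascript
// Added example, not from the original post. Constructed JSON API response,
// shaped like what a client would receive from fetch(); the "name" field is
// attacker-controlled (e.g. set via a profile update).
const sampleResponse = JSON.stringify({
  user: { name: '<img src=x onerror="alert(document.cookie)">' },
});

// Vulnerable: interpolates an untrusted JSON field straight into HTML.
// If this string is assigned to innerHTML, the onerror handler fires.
function renderUnsafe(jsonText) {
  const data = JSON.parse(jsonText);
  return `<div class="profile">Welcome, ${data.user.name}</div>`;
}

// Minimal HTML entity encoder for text placed in an element body or a
// double-quoted attribute. Covers the five characters that matter in HTML.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened: the same template, but every JSON-sourced field is encoded first.
// Parsing JSON does not sanitize anything; encoding at the output sink does.
function renderSafe(jsonText) {
  const data = JSON.parse(jsonText);
  return `<div class="profile">Welcome, ${escapeHtml(data.user.name)}</div>`;
}
```

In a browser the equivalent fix is to set `textContent` (or build nodes with `createElement`) instead of `innerHTML`; the encoder above is the string-building form of the same rule, and it has to be applied at the sink, not once at the API boundary.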