All Posts

3 min Metasploit

Metasploit Weekly Wrap-Up

Zyxel Routers Beware: This week we've released a module written by first-time community contributor shr70 [https://github.com/shr70] that can exploit roughly 45 different Zyxel router and VPN models. The module exploits a buffer overflow vulnerability that results in unauthenticated remote code execution on affected devices. It's rare that we see a module affect this many devices at once, and we are excited to see this ship in the framework. We hope pentesters and red-teamers alike can make good use of this

5 min Cloud Security

Center for Internet Security (CIS) unveils Azure Foundations Benchmark v2.0.0

CIS recently unveiled the latest version of their Azure Foundations Benchmark. This is the first major release since its launch more than 4 years ago.

2 min Cloud Security

Reduce Risk and Regain Control with Cloud Risk Complete

Detect and manage risk across cloud environments, endpoints, on-premises infrastructure, and web applications, with Rapid7's Cloud Risk Complete.

5 min Rapid7 Culture

Celebrating Women’s History Month at Rapid7

On March 8th, Rapid7 hosted an International Women's Day panel, which focused on equity, inclusion, and advocacy in the workplace.

7 min Vulnerability Disclosure

CVE-2023-0391: MGT-COMMERCE CloudPanel Shared Certificate Vulnerability and Weak Installation Procedures

Rapid7 has discovered three security concerns in CloudPanel from MGT-COMMERCE, a self-hosted web administration solution.

3 min Emergent Threat Response

Rapid7 Observed Exploitation of Adobe ColdFusion

Rapid7’s Threat Intelligence and Detection Engineering team has identified active exploitation of Adobe ColdFusion in multiple customer environments.

5 min Rapid7 Culture

Practice Operations Manager Looks Back On First Five Months With Rapid7

Elianna Sfez is a Threat Intelligence Practice Operations Manager at Rapid7. We sat down to chat about her new hire journey, company culture, and more.

3 min Metasploit

Metasploit Weekly Wrap-Up

FortiNAC EITW Content Added: Whilst we did have a few cool new modules added this week, one particularly interesting one targets a Fortinet FortiNAC vulnerability, CVE-2022-39952 [https://attackerkb.com/topics/9BvxYuiHYJ/cve-2022-39952?referrer=blog], and was added by team member Jack Heysel. This module exploits an unauthenticated RCE in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4,

4 min Cloud Security

MITRE ATT&CK® Mitigations: Thwarting Cloud Threats With Preventative Policies and Controls

It's essential to implement robust security measures to protect your organization. One way to do this is to utilize the MITRE ATT&CK framework.

3 min Threat Intel

Rapid7 Threat Command Delivered 311% ROI: 2023 Forrester Consulting Total Economic Impact™ Study

Security decision-makers are more concerned about external attacks than any other attack vector, according to the new Forrester Consulting study commissioned by Rapid7.

4 min Consulting Services

Build Security Muscle Memory With Tabletop Exercises

What scrimmages are to football, tabletop exercises (TTX) are to incident response, business continuity, disaster recovery, vulnerability management, and other critical components of your organization’s security program.

3 min Automated Remediation

3 Steps for Ramping Up to Fully Automated Remediation

Implementing automated remediation doesn't happen overnight—it takes time and a good roadmap. This article offers an incremental crawl, walk, run approach.

11 min Vulnerability Management

Patch Tuesday - March 2023

Microsoft March 2023 Patch Tuesday fixes 101 security issues, including a Critical zero-day vulnerability in Outlook which has been exploited by Russia-based actors against European government & critical infrastructure targets.

4 min Vulnerability Disclosure

Microsoft Defender for Cloud Management Port Exposure Confusion

Microsoft Defender for Cloud, until recently, didn't recognize "0.0.0.0/0" as a synonym for "any" when checking for management port exposures for Azure instances.

2 min Cybersecurity

Executive Webinar: Confronting Security Fears to Control Cyber Risk, Part Two

Jason Hart, Rapid7’s Chief Technology Officer, EMEA, will discuss how organisations can develop the ability to adapt in times of great stress and impact.