4 min
Emergent Threat Response
CVE-2024-24919: Check Point Security Gateway Information Disclosure
On May 28, 2024, Check Point published an advisory for CVE-2024-24919, a high-severity information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade.
2 min
Career Development
Celebrating Excellence: Joanne Guariglia and Kelly Hiscoe Recognized as CRN's 2024 Women of the Channel
We are thrilled to announce that two of our exceptional team members, Joanne Guariglia and Kelly Hiscoe, have been recognized as CRN's 2024 Women of the Channel.
3 min
Metasploit
Metasploit Weekly Wrap-Up: May 23, 2024
Infiltrate the Broadcast!
A new module from Chocapikk allows the user to
perform remote code execution on vulnerable versions of streaming platform
AVideo (12.4 - 14.2). The multi/http/avideo_wwbnindex_unauth_rce module
leverages CVE-2024-31819, a vulnerability to
PHP Filter Chaining, to gain unauthenticated and unprivileged access, earning it
an attacker value of High on AttackerKB
2 min
Events
The Take Command Summit: A Day of Resilience and Preparation
The Take Command Summit is officially in the books. It was a day-long virtual
powerhouse of major voices and ultra-relevant topics from across the entire
cybersecurity field. We are super proud of the event and grateful for all who
took part in these important discussions.
At Rapid7 we are eager to have the critical conversations at the critical
moments and right now, the industry faces a great many challenges. From
ransomware to cloud security to building the best 24/7/365 security operat
10 min
Managed Detection and Response (MDR)
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack
Justice AV Solutions (JAVS) is a U.S.-based company specializing in digital audio-visual recording solutions for courtroom environments.
Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk and should take immediate action.
2 min
Research
Rapid7 Releases the 2024 Attack Intelligence Report
Today, during our Take Command Summit, we released our 2024 Attack Intelligence
Report, which pulls in expertise from our researchers, our detection and
response teams, and our threat intelligence teams. The result is the clearest
picture yet of the expanding attack surface and the threats security
professionals face every day.
Since the end of 2020, we’ve seen a significant increase in zero-day
exploitation, ransomware attacks, and mass compromise incidents impacting many
organizations worldwide.
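3 min
Metasploit
Metasploit Wrap-Up: May 17, 2024
LDAP Authentication Improvements
This week, in Metasploit v6.4.9, the team has added multiple improvements for
LDAP-related attacks. Two improvements relating to authentication are the new
support for signing and channel binding.
Microsoft has been making changes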
3 min
Events
See a Sneak Peek of Tuesday’s Take Command Summit
In just a few short days, some of the best minds in cybersecurity will come
together at Take Command
to discuss the most pressing challenges and opportunities we face as an
industry. The sessions include in-depth discussions on attacker trends and
behaviors, a look into the Rapid7 SOC, top guest speakers with unique insights
into cybersecurity
4 min
Artificial Intelligence
AI Trust Risk and Security Management: Why Tackle Them Now?
In the evolving world of artificial intelligence (AI), keeping our customers secure and maintaining their trust is our top priority.
8 min
Patch Tuesday
Patch Tuesday - May 2024
Zero-days in DWM, MSHTML, and Visual Studio. SharePoint critical post-auth RCE. Remote access fixes. Mobile Broadband USB bus.
3 min
Managed Detection and Response (MDR)
5 key MDR differentiators to look for to build stronger security resilience
Organizations looking to address the skills gap and bring greater efficiency as their business grows and their attack surface sprawls are turning to MDR providers at an accelerated pace. We’ve seen predictions from top analyst firms signaling the rapid rate of adoption of an MDR provider by 2025.
15 min
Managed Detection and Response (MDR)
Ongoing Malvertising Campaign Leads to Ransomware
Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to typo-squatted domains.
5 min
Gartner
Rapid7 Recognized in the 2024 Gartner® Magic Quadrant™ for SIEM
Rapid7 is excited to share that we are named a Challenger for InsightIDR in the 2024 Gartner Magic Quadrant for SIEM.
2 min
Metasploit
Metasploit Wrap-Up 05/10/2024
Password Spraying Support
Multiple bruteforce/login scanner modules have been updated to support a
PASSWORD_SPRAY module option. This work was completed in pull request #19079
from nrathaus
as well as a recent update from our
developers. When
the password spraying option is set, the order of attempted users and password
attempts is changed
8 min
Incident Response
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Rapid7 observes ongoing social engineering campaign consistent with Black Basta