10 min
Managed Detection and Response (MDR)
Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz
The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler
McGraw, Sarah Lee, and Thomas Elkins.
Executive Summary
On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious
activity in a customer environment. Our investigation found that the
suspicious behavior was emanating from the installation of Notezilla, a program
that allows for the creation of sticky notes on a Windows desktop. Installers
for Notezilla, along with tools called RecentX and
1 min
Events
Takeaways From The Take Command Summit: Unprecedented Threat Landscape
The Rapid7 Take Command summit unveiled crucial findings from the 2024 Attack Intelligence Report, offering invaluable insights for cybersecurity professionals navigating today's complex threat landscape.
4 min
Emergent Threat Response
Authentication Bypasses in MOVEit Transfer and MOVEit Gateway
On June 25, 2024, Progress Software published information on two new vulnerabilities in MOVEit Transfer and MOVEit Gateway: CVE-2024-5806 and CVE-2024-5805.
1 min
Events
Takeaways From The Take Command Summit: Understanding Modern Cyber Attacks
In today's cybersecurity landscape, staying ahead of evolving threats is crucial. The State of Security Panel from our Take Command summit held May 21st delved into how artificial intelligence (AI) is reshaping cyber attacks and defenses.
4 min
pg电子
From Top Dogs to Unified Pack
Cybersecurity is as unpredictable as it is rewarding. This means you and your cyber team may find yourselves navigating a complex landscape of multi-cloud environments and evolving compliance requirements.
3 min
Metasploit
Metasploit Weekly Wrap-Up 2016/21/06
Argument Injection for PHP on Windows
This week includes modules that target file traversal and arbitrary file read
vulnerabilities for software such as Apache, SolarWinds and Check Point, with
the highlight being a module for the recent PHP vulnerability submitted by
sfewer-r7. This module exploits an argument
injection vulnerability, resulting in remote code execution and a Meterpreter
shell running in the context of the Administrator user.
Note, this attack
4 min
IoT
Helpful Tools to Get Started in IoT Assessments
The Internet of Things (IoT) can be a daunting field to get into. With many different tools and products available on the market it can be confusing to even know where to start.
10 min
Managed Detection and Response (MDR)
Malvertising Campaign Leads to Execution of Oyster Backdoor
Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.
3 min
Metasploit
Metasploit Weekly Wrap-Up June 14, 2024
New module content (5)
Telerik Report Server Auth Bypass
Authors: SinSinology and Spencer McIntyre
Type: Auxiliary
Pull request: #19242
contributed by zeroSteiner
Path: scanner/http/telerik_report_server_auth_bypass
AttackerKB reference: CVE-2024-4358
Description: This adds an exploit for CVE-2024-4358 which is an authentication
bypass
4 min
Security Operations (SOC)
Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps and Augment MDR Services
At Rapid7, we are pioneering the infusion of artificial intelligence (AI) into our platform and service offerings, transforming the way security operations centers (SOCs) around the globe operate.
7 min
Patch Tuesday
Patch Tuesday - June 2024
MSMQ RCE again. Office malicious file RCEs. SharePoint RCE. DNSSEC NSEC3 DoS.
2 min
Velociraptor
Enhancing Velociraptor with the Cado Security Platform
Velociraptor is a robust open-source tool designed for collecting and querying forensic and incident response artifacts across various endpoints. This powerful tool allows incident responders to effortlessly gather data from remote systems, no matter where they are.
2 min
Emergent Threat Response
CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U
On June 5, 2024, SolarWinds disclosed CVE-2024-28995, a high-severity directory traversal vulnerability affecting the Serv-U file transfer server. Successful exploitation of the vulnerability allows unauthenticated attackers to read sensitive files on the host.
2 min
Metasploit
Metasploit Weekly Wrap-Up 2016/07/06
New OSX payloads: Armed and Dangerous
In addition to an RCE leveraging CVE-2024-5084 to gain RCE through a WordPress
Hash form, this release features the addition of several new binary OSX
stageless payloads with aarch64 support: Execute Command, Shell Bind TCP, and
Reverse TCP.
The new osx/aarch64/shell_bind_tcp payload opens a listening port on the target
machine, which allows the attacker to connect to this open port to spawn a
command shell using the user provided command using the exe
5 min
Artificial Intelligence
Securing AI Development in the Cloud: Navigating the Risks and Opportunities
Promising increased efficiency, personalization, and innovation, organizations are increasingly turning to cloud environments to develop and deploy these powerful AI and ML technologies.