所有的帖子

Metasploit周报04/05/2024

新增ESC4 AD CS模板 Metasploit增加了功能 [http://docs.metasploit.com/docs/pentesting/active-directory/ad-certificates/attacking-ad-cs-esc-vulnerabilities.html] for exploiting the ESC family of flaws in AD CS in Metasploit 6.3. 的ESC4 technique in particular has been supported for some time now thanks to the ad_cs_cert_templates module which enables users to read and write certificate 模板对象. This facilitates the exploitation of ESC4 which is a 错误配置在

5 min 管理检测和响应(MDR)

Rapid7产品的新功能 & 服务业:2024年第一季度回顾

We kicked off 2024 with a continued focus on bringing security professionals the tools and functionality needed to anticipate risks, 查明威胁, 自信地更快地做出反应.

3 min Rapid7披露

CVE-2024-0394: Rapid7 Minerva Armor Privilege Escalation (FIXED)

Rapid7公开了CVE-2024-0394, a privilege escalation vulnerability in Rapid7 Minerva’s Armor product family. The root cause of this vulnerability is Minerva’s implementation of OpenSSL’s OPENSSLDIR parameter, which was set to a path accessible to low-privileged users.

4 min 职业发展

Challenges Drive Career Growth: Meet Rudina Tafhasaj

Starting a career for the first time in a new country can be intimidating. 为Rudina Tafhasaj, her path to Senior Application Engineer at Rapid7 was paved with both unique challenges, 以及令人难以置信的回报.

3 min 紧急威胁响应

XZ Utils后门漏洞(CVE-2024-3094)

在周五, 3月29日, after investigating anomalous behavior in his Debian sid environment, developer Andres Freund contacted an open-source security mailing list to share that he had discovered an upstream backdoor in widely used command line tool XZ Utils (liblzma).

3 min Metasploit

Metasploit每周总结2024年3月29日

Metasploit adds three new exploit modules including an RCE for SharePoint.

10 min Malware

Stories from the SOC Part 1: IDAT Loader to BruteRatel

Rapid7’s 管理检测和响应(MDR) team continuously monitors our customers' environments, identifying emerging threats and developing new detections.

12 min Metasploit

Metasploit框架.4发布

Today, Metasploit is pleased to announce the release of Metasploit Framework 6.4. It has been just over a year since the release of version 6.3 [http://m57kgjqw.bogfrogphotography.net/blog/post/2023/01/30/metasploit-framework-6-3-released/] and the team has added many new features and improvements since then. For news reporters, please reach out to press@bogfrogphotography.net. Kerberos的改进 Metasploit 6.3 included initial support for Kerberos authentication within Metasploit and was one of the larger features i

2 min Metasploit

Metasploit每周总结2024年3月22日

新增模块内容(1) OpenNMS Horizon认证RCE 作者:埃里克·温特类型:利用拉取请求:#18618 [http://github ..com/rapid7/metasploit-framework/pull/18618] erikynter [http://github]贡献.com/ErikWynter] Path: linux/http/opennms_horizon_authenticated_rce 攻击者kb参考:CVE-2023-0872 [http://attackerkb.com/search?q = cve - 2023 - 0872?介绍人=博客] Description: This module exploits built-in functionality in OpenNMS Horizon in 命令执行任意命令，如t

2 min 研究

Why The External Attack Surface Matters: An analysis into APAC related threat activities

Considerable focus within the cybersecurity industry has been placed on the attack surface of organizations, giving rise to external attack surface management (EASM) technologies as a means to monitor said surface.

9 min 研究

The Updated APT Playbook: Tales from the Kimsuky threat actor group

Within Rapid7 Labs we continually track and monitor threat groups. 作为这个过程的一部分, we routinely identify evolving tactics from threat groups in what is an unceasing game of cat and mouse.

2 min 脆弱性管理

Rapid7 offers continued vulnerability coverage in the face of NVD delays

Recently, the US National Institute of Standards and Technology (NIST) announced on the National 脆弱性 Database (NVD) site [http://nvd.nist.gov /) there would be delays in adding information on newly published CVEs. NVD enriches CVEs with basic details about a vulnerability like the vulnerability’s CVSS score, software products impacted by a CVE, information on the bug, 补丁状态等. Since February 12th, 2024, NVD has largely stopped 丰富的漏洞. 鉴于兄弟

2 min Metasploit

Metasploit总结2024年3月15日

新增模块内容(3) GitLab密码重置帐户接管作者:asterion04和h00die 类型:辅助拉取请求:#18716 [http://github ..com/rapid7/metasploit-framework/pull/18716] h00die [http://github]贡献.com/h00die] Path: admin/http/gitlab_password_reset_account_takeover 攻击者kb参考:CVE-2023-7028 [http://attackerkb.com/search?q = cve - 2023 - 7028?介绍人=博客] Description: This adds an exploit module that leverages an account-take-over 要控制脆弱

2 min 职业发展

Rapid7’s Ciara Cullinan Recognized as Community Trailblazer in Belfast Awards Program

At the 2024 Women Who Code She Rocks Awards, Rapid7 Software Engineer II Ciara Cullinan was recognized with their ‘Community Trailblazer’ award.

8 min 脆弱性管理

补丁星期二- 2024年3月

这个月没有零日漏洞. A single critical RCE: Hyper-V guest escape. 交换恶意DLL RCE. SharePoint的王牌. Azure Kubernetes Service Confidential Containers. Windows 11压缩文件夹.