3 min
Metasploit
Metasploit周报04/05/2024
新增ESC4 AD CS模板
Metasploit增加了功能
[http://docs.metasploit.com/docs/pentesting/active-directory/ad-certificates/attacking-ad-cs-esc-vulnerabilities.html]
for exploiting the ESC family of flaws in AD CS in Metasploit 6.3. 的ESC4
technique in particular has been supported for some time now thanks to the
ad_cs_cert_templates module which enables users to read and write certificate
模板对象. This facilitates the exploitation of ESC4 which is a
错误配置在
5 min
管理检测和响应(MDR)
Rapid7产品的新功能 & 服务业:2024年第一季度回顾
We kicked off 2024 with a continued focus on bringing security professionals the tools and functionality needed to anticipate risks, 查明威胁, 自信地更快地做出反应.
3 min
Rapid7披露
CVE-2024-0394: Rapid7 Minerva Armor Privilege Escalation (FIXED)
Rapid7公开了CVE-2024-0394, a privilege escalation vulnerability in Rapid7 Minerva’s Armor product family. The root cause of this vulnerability is Minerva’s implementation of OpenSSL’s OPENSSLDIR parameter, which was set to a path accessible to low-privileged users.
4 min
职业发展
Challenges Drive Career Growth: Meet Rudina Tafhasaj
Starting a career for the first time in a new country can be intimidating. 为Rudina Tafhasaj, her path to Senior Application Engineer at Rapid7 was paved with both unique challenges, 以及令人难以置信的回报.
3 min
紧急威胁响应
XZ Utils后门漏洞(CVE-2024-3094)
在周五, 3月29日, after investigating anomalous behavior in his Debian sid environment, developer Andres Freund contacted an open-source security mailing list to share that he had discovered an upstream backdoor in widely used command line tool XZ Utils (liblzma).
3 min
Metasploit
Metasploit每周总结2024年3月29日
Metasploit adds three new exploit modules including an RCE for SharePoint.
10 min
Malware
Stories from the SOC Part 1: IDAT Loader to BruteRatel
Rapid7’s 管理检测和响应(MDR) team continuously monitors our customers' environments, identifying emerging threats and developing new detections.
12 min
Metasploit
Metasploit框架.4发布
Today, Metasploit is pleased to announce the release of Metasploit Framework
6.4. It has been just over a year since the release of version 6.3
[http://m57kgjqw.bogfrogphotography.net/blog/post/2023/01/30/metasploit-framework-6-3-released/]
and the team has added many new features and improvements since then.
For news reporters, please reach out to press@bogfrogphotography.net.
Kerberos的改进
Metasploit 6.3 included initial support for Kerberos authentication within
Metasploit and was one of the larger features i
2 min
Metasploit
Metasploit每周总结2024年3月22日
新增模块内容(1)
OpenNMS Horizon认证RCE
作者:埃里克·温特
类型:利用
拉取请求:#18618 [http://github ..com/rapid7/metasploit-framework/pull/18618]
erikynter [http://github]贡献.com/ErikWynter]
Path: linux/http/opennms_horizon_authenticated_rce
攻击者kb参考:CVE-2023-0872
[http://attackerkb.com/search?q = cve - 2023 - 0872?介绍人=博客]
Description: This module exploits built-in functionality in OpenNMS Horizon in
命令执行任意命令,如t
2 min
研究
Why The External Attack Surface Matters: An analysis into APAC related threat activities
Considerable focus within the cybersecurity industry has been placed on the attack surface of organizations, giving rise to external attack surface management (EASM) technologies as a means to monitor said surface.
9 min
研究
The Updated APT Playbook: Tales from the Kimsuky threat actor group
Within Rapid7 Labs we continually track and monitor threat groups. 作为这个过程的一部分, we routinely identify evolving tactics from threat groups in what is an unceasing game of cat and mouse.
2 min
脆弱性管理
Rapid7 offers continued vulnerability coverage in the face of NVD delays
Recently, the US National Institute of Standards and Technology (NIST) announced
on the National 脆弱性 Database (NVD) site [http://nvd.nist.gov /)
there would be delays in adding information on newly published CVEs. NVD
enriches CVEs with basic details about a vulnerability like the vulnerability’s
CVSS score, software products impacted by a CVE, information on the bug,
补丁状态等. Since February 12th, 2024, NVD has largely stopped
丰富的漏洞.
鉴于兄弟
2 min
Metasploit
Metasploit总结2024年3月15日
新增模块内容(3)
GitLab密码重置帐户接管
作者:asterion04和h00die
类型:辅助
拉取请求:#18716 [http://github ..com/rapid7/metasploit-framework/pull/18716]
h00die [http://github]贡献.com/h00die]
Path: admin/http/gitlab_password_reset_account_takeover
攻击者kb参考:CVE-2023-7028
[http://attackerkb.com/search?q = cve - 2023 - 7028?介绍人=博客]
Description: This adds an exploit module that leverages an account-take-over
要控制脆弱
2 min
职业发展
Rapid7’s Ciara Cullinan Recognized as Community Trailblazer in Belfast Awards Program
At the 2024 Women Who Code She Rocks Awards, Rapid7 Software Engineer II Ciara Cullinan was recognized with their ‘Community Trailblazer’ award.
8 min
脆弱性管理
补丁星期二- 2024年3月
这个月没有零日漏洞. A single critical RCE: Hyper-V guest escape. 交换恶意DLL RCE. SharePoint的王牌. Azure Kubernetes Service Confidential Containers. Windows 11压缩文件夹.