4 min
Metasploit
Metasploit Weekly Wrap-Up 08/30/2024
A New Way to Encode PHP Payloads
A new PHP encoder has been released by a community contributor, jvoisin
, allowing a PHP payload to be encoded as an
ASCII-Hex string. This can then be decoded on the receiver to prevent issues
with unescaped or bad characters.
Ray Vulnerabilities
This release of Metasploit Framework also features 3 new modules to target
ray.io, which is a framework for distributing AI-related workloads across
multiple machines, which makes it an exce
1 min
Events
Command with Confidence: Insights from Andrew Bustamante
At the recent Take Command Summit, former CIA intelligence officer and US Air Force combat veteran Andrew Bustamante shared valuable tools, tactics, and techniques from elite intelligence agencies with Rapid7’s Americas Field CTO Jeffrey Gardner in an informal chat.
2 min
InsightCloudSec
Assessing Container Images Across Private Registries with InsightCloudSec
As the adoption of container technology has grown, so too has the importance of securing these environments.
1 min
Metasploit
Metasploit Weekly Wrap-Up 08/23/2024
New module content (3)
Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)
Authors: Michael Heinzl and Tenable
Type: Auxiliary
Pull request: #19373
contributed by h4x-x0r
Path: admin/http/fortra_filecatalyst_workflow_sqli
AttackerKB reference: CVE-2024-5276
Description: This adds an auxiliary module to exploit the CVE-2024-5276, a SQL
inj
2 min
Events
Key Takeaways From The Take Command Summit: Navigating New SEC Cybersecurity Disclosure Rules
Understanding and complying with the new SEC Cybersecurity Disclosure Rules is a daunting task for many organizations. The Rapid7 Take Command Summit provided an in-depth look at these regulations, offering valuable guidance for cybersecurity professionals.
4 min
Risk Management
Preparing for Unknown Risks:
How to Better Prepare for Risks You Can't See Yet
On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behaviour amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity.
5 min
Ransomware
Selling Ransomware Breaches: 4 Trends Spotted on the RAMP Forum
The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks.
3 min
Gartner
5 Key Insights from the Gartner® Market Guide for Cloud-Native Application Protection Platforms (CNAPP)
The 2024 Gartner Market Guide for Cloud-Native Application Protection Platforms (CNAPP) provides invaluable insights into the latest trends and technologies that are reshaping how companies protect their digital assets.
2 min
Metasploit
Metasploit Weekly Wrap-Up 08/16/2024
New module content (3)
Apache HugeGraph Gremlin RCE
Authors: 6right and jheysel-r7
Type: Exploit
Pull request: #19348
contributed by jheysel-r7
Path: linux/http/apache_hugegraph_gremlin_rce
AttackerKB reference: CVE-2024-27348
Description: Adds an Apache HugeGraph Server exploit for GHSA-29rc-vq7f-x335
1 min
Events
Key Takeaways From The Take Command Summit: Enhancing Cybersecurity Culture
Building a resilient cybersecurity culture is crucial in today's digital landscape. The recent Rapid7 Take Command Summit session titled "Commander in Chief: Enhancing Cybersecurity Culture" offered valuable insights into fostering a strong security mindset within organizations.
4 min
Career Development
Brandon Adkins’ Career Journey - Taking Chances and Tackling New Challenges
Brandon Adkins is the Manager of our Threat Intelligence & Detection Engineering (TIDE) team. His career journey spans a variety of roles and teams where he has been able to showcase his technical skills in security.
4 min
Events
Black Hat USA 2024: Key Takeaways and Industry Trends
As is always the case at Black Hat 2024, the cybersecurity community was buzzing with the latest innovations and insights from their favorite vendors, industry speakers and training sessions.
15 min
Patch Tuesday
Patch Tuesday - August 2024
Heavy-hitting edition of PT with 10 zero-days. Windows Downdate downgrade attack, Windows WinSock EoP, Windows Kernel EoP, MotW bypass, and several others.
16 min
Ongoing Social Engineering Campaign Refreshes Payloads
On June 20, 2024, Rapid7 identified multiple intrusion attempts by threat actors utilizing Techniques, Tactics, and Procedures (TTPs) that are consistent with an ongoing social engineering campaign being tracked by Rapid7.
1 min
Metasploit
Metasploit Weekly Wrap-Up 08/09/2024
Black Hat & DEF CON
Hopefully folks were able to catch our Rapid7 researchers @zeroSteiner
& Jack Heysel show off the Metasploit 6.4's
features, focusing on combinations that allow for new, streamlined attack
workflows at Black Hat. If not they will also be demoing at DEF CON tomorrow in
room W304!
New module content (1)
Calibre Python Code Injection (CVE-2024-6782)
Authors: Amos Ng and Michael Heinzl
Type: Exploit
Pull request: #19357