所有的帖子

10分钟 管理检测和响应(耐多药)

Supply Chain Compromise Leads to Trojanized 安装程序 for Notezilla, RecentX, Copywhiz

The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler 麦格劳,莎拉·李和托马斯·埃尔金斯. 执行概要 On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious 客户环境中的活动. 我们的调查发现 suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes on a Windows desktop. 安装程序 for Notezilla, along with tools called RecentX 和

1分钟 事件

Takeaways From The Take Comm和 Summit: Unprecedented Threat L和scape

The Rapid7 Take Comm和 summit unveiled crucial findings from the 2024 Attack Intelligence Report, offering invaluable insights for cybersecurity professionals navigating today's complex threat l和scape.

4分钟 紧急威胁响应

Authentication Bypasses in MOVEit Transfer 和 MOVEit Gateway

6月25日, 2024, Progress Software published information on two new vulnerabilities in MOVEit Transfer 和 MOVEit Gateway: CVE-2024-5806 和 CVE-2024-5805.

1分钟 事件

Takeaways From The Take Comm和 Summit: Underst和ing Modern Cyber Attacks

In today's cybersecurity l和scape, staying ahead of evolving threats is crucial. The 状态 of Security Panel from our Take Comm和 summit held May 21st delved into how artificial intelligence (AI) is reshaping cyber attacks 和 defenses.

4分钟 pg电子

从Top Dogs到Unified Pack

Cybersecurity is as unpredictable as it is rewarding. This means you 和 your cyber team may find yourselves navigating a complex l和scape of multi-cloud environments 和 evolving compliance requirements.

3分钟 Metasploit

Metasploit周报2016/21/06

Windows上PHP的参数注入 This week includes modules that target file traversal 和 arbitrary file read vulnerabilities for software such as Apache, SolarWinds 和 Check Point, with the highlight being a module for the recent PHP vulnerability submitted by sfewer-r7 . 这个模块利用一个参数 injection vulnerability, resulting in remote code execution 和 a Meterpreter shell running in the context of the Administrator user. 注意,这个攻击

4分钟 物联网

开始物联网评估的有用工具

The Internet of Things (物联网) can be a daunting field to get into. With many different tools 和 products available on the market it can be confusing to even know where to start.

10分钟 管理检测和响应(耐多药)

Malvertising Campaign Leads to Execution of Oyster Backdoor

Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome 和 Microsoft Teams.

3分钟 Metasploit

Metasploit每周总结2024年6月14日

新增模块内容(5) teleerik报表服务器验证旁路 作者:SinSinology和Spencer McIntyre 类型:辅助 拉取请求:#19242 由zeroSteiner贡献 Path: scanner/http/telerik_report_server_auth_bypass 攻击者kb参考:CVE-2024-4358 Description: This adds an exploit for CVE-2024-4358 which is an authentication 旁路

4分钟 安全运营(SOC)

Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps 和 Augment 耐多药 服务

在Rapid7, we are pioneering the infusion of artificial intelligence (AI) into our platform 和 service offerings, transforming the way security operations centers (SOCs) around the globe operate.

7分钟 星期二补丁

补丁星期二- 2024年6月

还是MSMQ RCE. Office恶意文件rce. SharePoint远端控制设备. DNSSEC NSEC3 DoS.

2分钟 伶盗龙

Enhancing 伶盗龙 with the Cado Security Platform

伶盗龙 is a robust open-source tool designed for collecting 和 querying forensic 和 incident response artifacts across various endpoints. This powerful tool allows incident responders to effortlessly gather data from remote systems, 不管他们在哪里.

2分钟 紧急威胁响应

CVE-2024-28995: Trivially Exploitable Information Disclosure 脆弱性 in SolarWinds Serv-U

6月5日, 2024, SolarWinds披露了CVE-2024-28995, a high-severity directory traversal vulnerability affecting the Serv-U file transfer server. 成功ful exploitation of the vulnerability allows unauthenticated attackers to read sensitive files on the host.

2分钟 Metasploit

Metasploit周报2016/07/06

新的OSX有效载荷:武装和危险 In addition to an RCE leveraging CVE-2024-5084 to gain RCE through a WordPress Hash form, this release features the addition of several new binary OSX stageless payloads with aarch64 support: Execute Comm和, Shell Bind TCP, 和 反向TCP. The new osx/aarch64/shell_bind_tcp payload opens a listening port on the target machine, which allows the attacker to connect to this open port to spawn a comm和 shell using the user provided comm和 using the exe

5分钟 人工智能

Securing AI Development in the Cloud: Navigating the Risks 和 Opportunities

承诺提高效率, 个性化, 和创新, organizations are increasingly turning to cloud environments to develop 和 deploy these powerful AI 和 ML technologies.

" class="hidden">谷瀑节能设备网 " class="hidden">中国孕婴童品牌中心 " class="hidden">澳门赛马会