All Posts

3 min Metasploit

Metasploit Weekly Wrap-Up 2016/21/06

Argument Injection for PHP on Windows This week includes modules that target file traversal and arbitrary file read vulnerabilities for software such as Apache, SolarWinds and Check Point, with the highlight being a module for the recent PHP vulnerability submitted by sfewer-r7. This module exploits an argument injection vulnerability, resulting in remote code execution and a Meterpreter shell running in the context of the Administrator user. Note, this attack

1 min Events

Takeaways From The Take Command Summit: Understanding Modern Cyber Attacks

In today's cybersecurity landscape, staying ahead of evolving threats is crucial. The State of Security Panel from our Take Command summit held May 21st delved into how artificial intelligence (AI) is reshaping cyber attacks and defenses.

4 min IoT

Helpful tools to get started in IoT Assessments

The Internet of Things (IoT) can be a daunting field to get into. With many different tools and products available on the market it can be confusing to even know where to start.

10 min Managed Detection and Response (MDR)

Malvertising Campaign Leads to Execution of Oyster Backdoor

Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.

3 min Metasploit

Metasploit Weekly Wrap-Up June 14, 2024

New module content (5) Telerik Report Server Auth Bypass Authors: SinSinology and Spencer McIntyre Type: Auxiliary Pull request: #19242 contributed by zeroSteiner Path: scanner/http/telerik_report_server_auth_bypass AttackerKB reference: CVE-2024-4358 Description: This adds an exploit for CVE-2024-4358 which is an authentication bypass

4 min Security Operations (SOC)

Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps and Augment MDR Services

At Rapid7, we are pioneering the infusion of artificial intelligence (AI) into our platform and service offerings, transforming the way security operations centers (SOCs) around the globe operate.

7 min Patch Tuesday

Patch Tuesday - June 2024

MSMQ RCE again. Office malicious file RCEs. SharePoint RCE. DNSSEC NSEC3 DoS.

2 min Velociraptor

Enhancing Velociraptor with the Cado Security Platform

Velociraptor is a robust open-source tool designed for collecting and querying forensic and incident response artifacts across various endpoints. This powerful tool allows incident responders to effortlessly gather data from remote systems, no matter where they are.

2 min Emergent Threat Response

CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U

On June 5, 2024, SolarWinds disclosed CVE-2024-28995, a high-severity directory traversal vulnerability affecting the Serv-U file transfer server. Successful exploitation of the vulnerability allows unauthenticated attackers to read sensitive files on the host.

2 min Metasploit

Metasploit Weekly Wrap-Up 2016/07/06

New OSX payloads: Armed and Dangerous In addition to an RCE leveraging CVE-2024-5084 to gain RCE through a WordPress Hash form, this release features the addition of several new binary OSX stageless payloads with aarch64 support: Execute Command, Shell Bind TCP, and Reverse TCP. The new osx/aarch64/shell_bind_tcp payload opens a listening port on the target machine, which allows the attacker to connect to this open port to spawn a command shell using the user provided command using the exe

5 min Artificial Intelligence

Securing AI Development in the Cloud: Navigating the Risks and Opportunities

With the promise of greater efficiency, personalization, and innovation, organizations are increasingly turning to cloud environments to develop and deploy these powerful AI and ML technologies.

2 min Vulnerability Management

The Dreaded Network Pivot: An Attack Intelligence Story

The spiritual successor to our annual Vulnerability Intelligence Report, the AIR includes data from the Rapid7 research team combined with our detection and response and threat intelligence teams.

1 min Insight Agent

New! Insight Agent Support for ARM-based Windows in InsightVM

We are pleased to introduce Insight Agent support of ARM-based Windows 11 devices for both vulnerability and policy assessment within InsightVM.

2 min Metasploit

Metasploit Weekly Wrap-Up 05/31/2024

Quis dīrumpet ipsos dīrumpēs In this release, we feature a double-double: two exploits each targeting two pieces of software. The first pair is from h00die and targets the Jasmin Ransomware web server. The first uses CVE-2024-30851 to retrieve the login for the ransomware server, and the second is a directory traversal vulnerability allowing arbitrary file read. The second pair, from Dave Yesland of Rhino Security, targets Progress Flowmon with CVE-2024-2389 and it pai

4 min Emergent Threat Response

CVE-2024-24919: Check Point Security Gateway Information Disclosure

On May 28, 2024, Check Point published an advisory for CVE-2024-24919, a high-severity information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade.