All Posts

Metasploit Wrap-Up 03/15/2024

New module content (3) GitLab Password Reset Account Takeover Authors: asterion04 and h00die Type: Auxiliary Pull request: #18716 [http://github.com/rapid7/metasploit-framework/pull/18716] contributed by h00die [http://github.com/h00die] Path: admin/http/gitlab_password_reset_account_takeover AttackerKB reference: CVE-2023-7028 [http://attackerkb.com/search?q=CVE-2023-7028?referrer=blog] Description: This adds an exploit module that leverages an account-take-over vulnerability to take contr

2 min Career Development

Rapid7’s Ciara Cullinan Recognized as Community Trailblazer in Belfast Awards Program

At the 2024 Women Who Code She Rocks Awards, Rapid7 Software Engineer II Ciara Cullinan was recognized with their ‘Community Trailblazer’ award.

8 min Vulnerability Management

Patch Tuesday - March 2024

No zero-day vulns this month. A single critical RCE: Hyper-V guest escape. Exchange malicious DLL RCE. SharePoint ACE. Azure Kubernetes Service Confidential Containers. Windows 11 compressed folders.

3 min Metasploit

Metasploit Wrap-Up 03/08/2024

New module content (2) GitLab Tags RSS feed email disclosure Authors: erruquill and n00bhaxor Type: Auxiliary Pull request: #18821 [http://github.com/rapid7/metasploit-framework/pull/18821] contributed by n00bhaxor [http://github.com/n00bhaxor] Path: gather/gitlab_tags_rss_feed_email_disclosure AttackerKB reference: CVE-2023-5612 [http://attackerkb.com/search?q=CVE-2023-5612?referrer=blog] Description: This adds an auxiliary module that leverages an information disclosure vulnerability (CVE

9 min InsightCloudSec

Securing the Next Level: Automated Cloud Defense in Game Development with InsightCloudSec

Cloud gaming, powered by giants like AWS, is transforming the gaming industry, offering unparalleled accessibility and dynamic gaming experiences. Yet, with this technological leap forward comes an increase in cyber threats.

6 min 7 Rapid Questions

7 Rapid Questions with #77 Ray Bourque

We couldn’t pass up the opportunity to bring Boston Bruins legend Ray Bourque into the herd as we continue to expand our Bruins jersey sponsorship.

2 min Cybersecurity

Lessons from video game companies: automation unleashes robust monitoring & observability

In this blog post, we’ll delve into how monitoring and observability capabilities enable video game organizations to bolster their cybersecurity defenses – and provide a better, more reliable gaming experience.

19 min Emergent Threat Response

CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)

Rapid7’s vulnerability research team identified two new vulnerabilities affecting JetBrains TeamCity CI/CD server: CVE-2024-27198 and CVE-2024-27199, both of which are authentication bypasses.

2 min Metasploit

Metasploit Weekly Wrap-Up 03/01/2024

Metasploit adds an RCE exploit for ConnectWise ScreenConnect and new documentation for exploiting ESC13.

7 min Velociraptor

How To Hunt For UEFI Malware Using Velociraptor

UEFI threats have historically been limited in number and mostly implemented by nation state actors as stealthy persistence. However, the recent proliferation of Black Lotus on the dark web, Trickbot enumeration module (late 2022), and Glupteba (November 2023) indicates that this historical trend may be changing. With this context, it is becoming important for security practitioners to understand visibility and collection capabilities for UEFI threats [http://lbt.aifengcai.com/info/understanding

4 min Metasploit

Metasploit Weekly Wrap-Up 02/23/2024

LDAP Capture module Metasploit now has an LDAP capture module thanks to the work of JustAnda7 [http://github.com/JustAnda7]. This work was completed as part of the Google Summer of Code program. When the module runs it will by default require privileges to listen on port 389. The module implements a default implementation for BindRequest, SearchRequest, UnbindRequest, and will capture both plaintext credentials and NTLM hashes which can be brute-forced offline. Upon receiving a successful Bin

3 min Vulnerability Management

High-Risk Vulnerabilities in ConnectWise ScreenConnect

On February 19, 2024 ConnectWise disclosed two vulnerabilities in their ScreenConnect remote access software. Both vulnerabilities affect ScreenConnect 23.9.7 and earlier.

3 min InsightVM

Explanation of New Authenticated Scanning PCI DSS Requirement 11.3.1.2 in PCI DSS V4.0 and how InsightVM can help meet the Requirement

As a Certified Qualified Security Assessor (QSA) company and a trusted Rapid7 partner, MegaplanIT is committed to guiding organizations through the complexities of compliance and security standards.

5 min Metasploit

Metasploit Weekly Wrap-Up 02/16/2024

New Fetch Payload It has been almost a year since Metasploit released the new fetch payloads [http://lbt.aifengcai.com/blog/post/2023/05/25/fetch-payloads-a-shorter-path-from-command-injection-to-metasploit-session/] and since then, 43 of the 79 exploit modules have had support for fetch payloads. The original payloads supported transferring the second stage over HTTP, HTTPS and FTP. This week, Metasploit has expanded that protocol support to include SMB, allowing payloads to be run using rundll3

7 min Incident Response

RCE to Sliver: IR Tales from the Field

Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source of multiple malware executions.