2分钟
Metasploit
Metasploit总结2024年3月15日
新增模块内容(3)
GitLab密码重置帐户接管
作者:asterion04和h00die
类型:辅助
拉取请求:#18716 [http://github ..com/rapid7/metasploit-framework/pull/18716]
h00die [http://github]贡献.com/h00die]
Path: admin/http/gitlab_password_reset_account_takeover
攻击者kb参考:CVE-2023-7028
[http://attackerkb.com/search?q = cve - 2023 - 7028?介绍人=博客]
Description: This adds an exploit module that leverages an account-take-over
要控制脆弱
2分钟
职业发展
Rapid7’s Ciara Cullinan Recognized as Community Trailblazer in Belfast Awards Program
At the 2024 Women Who Code She Rocks Awards, Rapid7 Software Engineer II Ciara Cullinan was recognized with their ‘Community Trailblazer’ award.
8 min
脆弱性管理
补丁星期二- 2024年3月
这个月没有零日漏洞. A single critical RCE: Hyper-V guest escape. 交换恶意DLL RCE. SharePoint的王牌. Azure Kubernetes Service Confidential Containers. Windows 11压缩文件夹.
3分钟
Metasploit
Metasploit总结:03/08/2024
新增模块内容(2)
GitLab标签RSS订阅邮件披露
作者:erruquill和n00bhaxor
类型:辅助
拉取请求:#18821 [http://github ..com/rapid7/metasploit-framework/pull/18821]
由n00bhaxor [http://github]贡献.com/n00bhaxor]
Path: gather/gitlab_tags_rss_feed_email_disclosure
攻击者kb参考:CVE-2023-5612
[http://attackerkb.com/search?q = cve - 2023 - 5612?介绍人=博客]
Description: This adds an auxiliary module that leverages an information
披露漏洞
9 min
InsightCloudSec
Securing the Next Level: Automated Cloud Defense in Game Development with InsightCloudSec
云游戏, 由AWS等巨头提供支持, 正在改变游戏产业, offering unparalleled accessibility and dynamic gaming experiences. Yet, with this technological leap forward comes an increase in cyber threats.
6 min
7快速提问
7个快速提问#77雷·布尔克
We couldn’t pass up the opportunity to bring 波士顿棕熊 legend Ray Bourque into the herd as we continue to expand our Bruins jersey sponsorship.
2分钟
网络安全
Lessons from video game companies: automation unleashes robust monitoring & 可观察性
在这篇博文中, we’ll delve into how monitoring and 可观察性 capabilities enable video game organizations to bolster their cybersecurity defenses – and provide a better, 更可靠的游戏体验.
19分钟
紧急威胁响应
CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)
Rapid7’s vulnerability research team identified two new vulnerabilities affecting JetBrains TeamCity CI/CD server: CVE-2024-27198 and CVE-2024-27199, both of which are authentication bypasses.
2分钟
Metasploit
Metasploit每周总结2024年3月1日
Metasploit adds an RCE exploit for ConnectWise ScreenConnect and new documentation for exploiting ESC13.
7分钟
伶盗龙
How To Hunt For UEFI Malware Using 伶盗龙
UEFI threats have historically been limited in number and mostly implemented by
nation state actors as stealthy persistence. 然而,最近的扩散
of Black Lotus on the dark web, Trickbot enumeration module (late 2022), and
Glupteba (November 2023) indicates that this historical trend may be changing.
With this context, it is becoming important for security practitioners to
understand visibility and collection capabilities for UEFI threats
[http://edenhall.yazhuo.net/info/understanding
4 min
Metasploit
Metasploit每周总结2024年2月23日
LDAP捕获模块
Metasploit now has an LDAP capture module thanks to the work of
JustAnda7 [http://github.com/JustAnda7]. 这项工作是作为…的一部分完成的
谷歌代码之夏项目.
When the module runs it will by default require privileges to listen on port
389. The module implements a default implementation for BindRequest,
搜索Request, UnbindRequest, and will capture both plaintext credentials and
NTLM hashes which can be brute-forced offline. 收到成功的Bin
3分钟
脆弱性管理
High-Risk Vulnerabilities in ConnectWise ScreenConnect
2月19日, 2024 ConnectWise disclosed two vulnerabilities in their ScreenConnect remote access software. Both vulnerabilities affect ScreenConnect 23.9.7点及更早.
3分钟
InsightVM
Explanation of New Authenticated Scanning PCI DSS Requirement 11.3.1.PCI DSS V4中2个.0 and how InsightVM can help meet the Requirement
As a Certified Qualified Security Assessor (QSA) company and a trusted Rapid7 partner, MegaplanIT is committed to guiding organizations through the complexities of compliance and security standards.
5分钟
Metasploit
Metasploit每周总结2024年2月16日
新的获取负载
It has been almost a year since Metasploit released the new fetch 有效载荷
[http://edenhall.yazhuo.net/blog/post/2023/05/25/fetch-有效载荷-a-shorter-path-from-command-injection-to-metasploit-session/]
and since then, 43 of the 79 exploit modules have had support for fetch
有效载荷. The original 有效载荷 supported transferring the second stage over
HTTP, HTTPS和FTP. This week, Metasploit has expanded that protocol support to
include SMB, allowing 有效载荷 to be run using rundll3
7分钟
事件响应
RCE到silver:来自战场的IR故事
Rapid7 事件响应 was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source of multiple malware executions.