13 min
Vulnerability Management
Patch Tuesday - October 2024
5 zero-days. Configuration Manager pre-auth RCE. RDP RPC pre-auth RPC. 登录bgi的. Hyper-V container escape. curl o-day RCE late patch. Management console zero-day RCE. Windows 11 lifecycle changes.
4 min
Vulnerability Management
Modernizing Your VM Program with Rapid7 Exposure Command: A Path to Effective Continuous Threat Exposure Management
This is where continuous threat exposure management (CTEM) comes into play – an approach that shifts the focus from merely identifying vulnerabilities to understanding and mitigating exposures across the entire attack surface.
3 min
Emergent Threat Response
Multiple Vulnerabilities in Common Unix Printing System (CUPS)
Multiple unpatched vulnerabilities were publicly disclosed in the Common Unix Printing System (CUPS), a popular IPP-based open-source printing system.
2 min
Emergent Threat Response
High-Risk Vulnerabilities in Common Enterprise Technologies
Rapid7 is warning customers about high-risk vulnerabilities in Adobe ColdFusion, Broadcom VMware vCenter Server, and Ivanti Endpoint Manager (EPM). These CVEs are likely attack targets for APT and/or financially motivated adversaries.
6 min
Attack Surface Security
Help, I Can't See! A Primer for Attack Surface Management Blog Series
In this series, we will explore the critical challenges and solutions associated with Attack Surface Management (ASM), a vital aspect of modern cybersecurity strategy.
10 min
Patch Tuesday
Patch Tuesday - September 2024
4 zero-days. Servicing Stack Win 10 1507 rollback; MotW LNK stomping bypass; Windows Installer EoP; Publisher macro bypass. SharePoint & Windows NAT critical RCEs.
2 min
Emergent Threat Response
CVE-2024-40766: Critical Improper Access Control Vulnerability Affecting SonicWall Devices
CVE-2024-40766 is a critical improper access control vulnerability affecting SonicOS, the operating system that runs on the company’s physical and virtual firewalls. As of September 9, 2024, Rapid7 is aware of several recent incidents in which SonicWall SSLVPN accounts were targeted or compromised.
3 min
Emergent Threat Response
Multiple Vulnerabilities in Veeam Backup & Replication
On September 4, 2024, Veeam released their September security bulletin disclosing various vulnerabilities, including CVE-2024-40711, a critical unauthenticated remote code execution issue affecting Veeam’s popular Backup & Replication solution.
17 min
Vulnerability Disclosure
CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)
Apache OFBiz below 18.12.16 is vulnerable to unauthenticated remote code execution (CVE-2024-45195) on Linux and Windows. Exploitation is facilitated by bypassing previous patches.
15 min
Patch Tuesday
Patch Tuesday - August 2024
Heavy-hitting edition of PT with 10 zero-days. Windows Downdate downgrade attack, Windows WinSock EoP, Windows kernel EoP, MotW bypass, and several others.
4 min
Emergent Threat Response
VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns
On July 29, Microsoft published threat intelligence on observed exploitation of CVE-2024-37085, an authentication bypass vulnerability in Broadcom VMware ESXi hypervisors that has been used in multiple ransomware campaigns.
6 min
Vulnerability Disclosure
CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery
Automation 360 Robotic Process Automation suite v21-v32 is vulnerable to unauthenticated Server-Side Request Forgery (SSRF).
11 min
Vulnerability Management
Patch Tuesday - July 2024
Microsoft has published 139 vulnerabilities this July 2024 Patch Tuesday, two of which had already been seen exploited in the wild.
4 min
Emergent Threat Response
Authentication Bypasses in MOVEit Transfer and MOVEit Gateway
On June 25, 2024, Progress Software published information on two new vulnerabilities in MOVEit Transfer and MOVEit Gateway: CVE-2024-5806 and CVE-2024-5805.
7 min
Patch Tuesday
Patch Tuesday - June 2024
MSMQ RCE again. Office malicious file RCEs. SharePoint RCE. DNSSEC NSEC3 DoS.