8 min
Research
Old Blackmoon Trojan, NEW Monetization Approach
Rapid7 is tracking a new, more sophisticated and staged campaign using the Blackmoon trojan, which appears to have originated in November 2022.
2 min
Emergent Threat Response
SonicWall Recommends Urgent Patching for GMS and Analytics CVEs
SonicWall published an urgent security advisory on July 12, 2023 warning customers of new vulnerabilities affecting their GMS and Analytics products.
12 min
Vulnerability Management
Patch Tuesday - July 2023
Five zero-day vulns, including an Office maldoc attack with no patch yet and a SmartScreen bypass. Eight critical RCEs, and 130 total vulns. Busier than recent months.
7 min
Vulnerability Disclosure
CVE-2023-29298: Adobe ColdFusion Access Control Bypass
Rapid7 discovered an access control bypass vulnerability affecting Adobe ColdFusion that allows an attacker to access the administration endpoints.
4 min
Vulnerability Management
What’s New in InsightVM and Nexpose: Q2 2023 in Review
In Q2, InsightVM and Nexpose got an improved UI for the Console, custom policy for Agent-Based assessment, a new dashboard card, and more.
22 min
Vulnerability Disclosure
Multiple Vulnerabilities in Fortra Globalscape EFT Administration Server [FIXED]
Rapid7 has uncovered four issues in Fortra Globalscape EFT, the worst of which can lead to remote code execution.
3 min
Emergent Threat Response
CVE-2023-34362: MOVEit Vulnerability Timeline of Events
Rapid7 continues to track the impact of CVE-2023-34362. We’ve put together a timeline of events to date for your reference.
10 min
Vulnerability Management
Patch Tuesday - June 2023
No zero-day vulns this month. PGM & .NET/Visual Studio critical RCEs. SharePoint EoP. Exchange RCEs.
2 min
Emergent Threat Response
CVE-2023-27997: Critical Fortinet Fortigate Remote Code Execution Vulnerability
Rapid7 is tracking CVE-2023-27997, a purportedly critical remote code execution (RCE) vulnerability in Fortigate SSL VPN firewalls.
3 min
Emergent Threat Response
CVE-2023-2868: Total Compromise of Physical Barracuda ESG Appliances
Rapid7 incident response teams are investigating exploitation of physical Barracuda Networks Email Security Gateway (ESG) appliances.
8 min
Emergent Threat Response
Rapid7 Observed Exploitation of Critical MOVEit Transfer Vulnerability
Rapid7 managed services teams are observing exploitation of a critical vulnerability in Progress Software’s MOVEit Transfer solution across multiple customer environments.
2 min
Emergent Threat Response
Widespread Exploitation of Zyxel Network Devices
Rapid7 is tracking reports of ongoing exploitation of CVE-2023-28771, a critical unauthenticated command injection vulnerability affecting multiple Zyxel networking devices.
9 min
Vulnerability Management
Patch Tuesday - May 2023
A relatively light 49 vulnerabilities patched in May 2023, including a new entry method for BlackLotus bootkit malware.
4 min
InsightVM
Using Rapid7 Insight Agent and InsightVM Scan Assistant in Tandem
Rapid7 Insight Agent and InsightVM Scan Assistant can improve visibility into your environment. This article explores how and when to use each.
12 min
Vulnerability Management
Patch Tuesday - April 2023
114 vulnerabilities patched, including a zero-day driver-based LPE. Message Queueing Service RCE. End of support for 2013 products.