In April we wrapped up our first installment of the Rapid7 Threat Intel Book Club. Much to our delight, our New Year’s resolution/grand experiment on hosting a regular threat intel book club was a success! We got to dive into The Cuckoo’s…
When it comes to securing IoT devices, it’s important to know that Universal Asynchronous Receiver Transmitter (UART) ports are often the keys to the kingdom for device analysis when you have physical access. For example, as part of ongoing security research and testing projects…
New Privilege Escalation Exploit The glibc 'realpath()' module was added by bcoles. It attempts to gain root privileges on Debian-based Linux systems by exploiting a vulnerability in GNU C Library (glibc) version <= 2.26. This exploit uses halfdog's RationalLove exploit to expose a…
The following is a guest post from Rapid7 customer Bo Weaver. Hi, everyone. I’m Bo, a penetration tester at CompliancePoint (and also a customer of Rapid7). If you’re just getting started in penetration testing, or are simply interested in the basics, this blog…
TL;DR: Hooray! Thanks SC Awards Europe, we’re dead chuffed with the award! There are an actual tonne of incredible people at Rapid7. It’s an inspirational place, with amazing products and services, and a company ethos that really supports making a difference in…
Things are always brewing in Rapid7 product development. Today, we’re excited to announce several exciting new features in InsightAppSec, our cloud-powered application security testing solution for modern web apps. These include: Custom reports for PCI, HIPAA, SOX, and OWASP 2017 compliance requirements PDF report…
After working in the security industry for 15 years, one of the consistent themes I’ve observed is how teams struggle with balancing the increasing amount of work they have to do, without an increase in resources to accomplish their goals. But there’s another,…
There’s no silver bullet to combating protecting your organization from phishing attacks today. The only comprehensive approach leverages a combination of methods, many of which we’ve covered in parts 1 and 2 of our three-part phishing Whiteboard Wednesday series. Phishing is a human…
This month's Patch Tuesday is rather run-of-the-mill, with a total of 50 vulnerabilities being addressed by Microsoft. However, a bit of excitement came earlier this month, with an out-of-band patch for Adobe Flash Player released last Thursday to fix four security issues. Two of these…
Welcome back to Password Tips From a Pen Tester. Last time, I talked about what you can expect to learn from these posts and I also explained the three most common passwords that we see on penetration tests. This month, let’s take a look…
This post describes CVE-2018-5553, a vulnerability in the Crestron Console service that is preinstalled on the DGE-100. Due to a lack of input sanitization, this service is vulnerable to command injection that can be used to gain root-level access. DGE-100 devices running firmware versions 1.…
Just Let Me Grab My Popcorn First This week, rmdavy contributed a pair of modules designed to fool Windows into authenticating to you so you can capture sweet, sweet NetNTLM hashes. BadODT targets LibreOffice/Apache OpenOffice by providing a link to an image on a…
(Many thanks to Rebekah Brown & Derek Abdine for their contributions to the post.) How does VPNFilter work? Over the past few weeks, Cisco’s Talos group has published some significant new research on a new malware family called VPNFilter. VPNFilter targets and compromises networking…
