5 min
Metasploit
R7-2014-18: Hikvision DVR Devices - Multiple Vulnerabilities
Rapid7 Labs has found multiple vulnerabilities in Hikvision
[https://www.hikvision.com/us-en/] DVR (Digital Video Recorder) devices such as
the DS-7204 and other models in the same product series that allow a remote
attacker to gain full control of the device. More specifically, three typical
buffer overflow vulnerabilities were discovered in Hikvision's RTSP request
handling code: CVE-2014-4878, CVE-2014-4879 and CVE-2014-4880. This blog post
serves as disclosure of the technical details for th
6 min
Scanning All The Things
Introduction
Over the past year, the Rapid7 Labs team has conducted large scale analysis on
the data coming out of the Critical.IO and Internet Census 2012 scanning
projects. This revealed a number of widespread security issues and painted a
gloomy picture of an internet rife with insecurity. The problem is, this isn't
news, and the situation continues to get worse. Rapid7 Labs believes the only
way to make meaningful progress is through data sharing and collaboration across
the security communi
4 min
Vaccinating systems against VM-aware malware
The neverending fight with malware forced researchers and security firms to
develop tools and automated systems to facilitate the unmanageable amount of
work they've been facing when dissecting malicious artifacts: from debuggers,
monitoring tools to virtualized systems and sandboxes.
On the other side, malware authors quickly picked them up as easy indicators of
anomalies from their target victims' systems.
This has initiated a still ongoing arms race between malware writers and malware
analy
4 min
Internet Census 2012 - Thoughts
This week, an anonymous researcher published the results of an "Internet Census"
- an internet-wide scan conducted using 420,000 insecure devices connected to
the public internet and yielding data on used IP space, ports, device types,
services and more. After scanning parts of the internet, the researcher found
thousands of insecurely configured devices using insecure / default passwords on
services and used this fact to make those devices into scanning nodes for his
project. He logged into the