1 min
Apple
Apple Silicon Support on Insight Agent
We are pleased to announce the general availability of native support of Apple Silicon chips for the Rapid7 Insight Agent.
9 min
Vulnerability Disclosure
Vulntober: Multiple Mobile Browser Address Bar Spoofing Vulnerabilities
Today, we're announcing a coordinated vulnerability disclosure on a set of address bar spoofing vulnerabilities that affect a number of mobile browsers.
5 min
Exploits
macOS Keychain Security: What You Need To Know
If you follow the infosec twitterverse or have been keeping an eye on macOS news
sites, you’ve likely seen a tweet
[https://twitter.com/patrickwardle/status/912254053849079808] (with accompanying
video) from Patrick Wardle (@patrickwardle [https://twitter.com/patrickwardle])
that purports to demonstrate dumping and exfiltration of something called the
“keychain” without an associated privilege escalation prompt. Patrick also has a
more in-depth Q&A blog post [https://www.patreon.com/posts/14556
1 min
Microsoft
Cisco Enable / Privileged Exec Support
In Nexpose [https://www.rapid7.com/products/nexpose/] version 6.4.28, we are
adding support for privileged elevation on Cisco devices through the enable
command for those that are running SSH version 2.
A fully privileged policy scan provides more accurate information on the
target's compliance status, and the ability to do so through the enable password,
while keeping the actual user privilege low, adds an additional layer of
security for your devices. This allows our users to run fully privileged po
4 min
Microsoft
Attacking Microsoft Office - OpenOffice with Metasploit Macro Exploits
It is fair to say that Microsoft Office and OpenOffice are some of the most
popular applications in the world. We use them for writing papers, making slides
for presentations, analyzing sales or financial data, and more. This software is
so important to businesses that, even in developing countries, workers that are
proficient in an Office suite can make a decent living based on this skill
alone.
Unfortunately, high popularity for software also means more high-value targets
in the eyes of an
4 min
Android
Pokemon Go, Security, and Obsolescence
Pokemon Go started it.
The crusty old house cell phone, which we had years ago ported from a genuine
AT&T land line to a T-Mobile account, suddenly caught the attention of my middle
son.
> "Hey Dad, can I use that phone to catch Pokemon at the park?"
"Sure! Have fun, and don't come back until sundown!"
A few minutes later, he had hunted down his first Pikachu, which apparently
required running around the block in Texas summer heat a few times. Sweat-soaked
but proud, he happily presented hi
5 min
Vulnerability Management
Using the National Vulnerability Database to Reveal Vulnerability Trends Over Time
This is a guest post by Ismail Guneydas. Ismail Guneydas is a senior technical
leader with over ten years of experience in vulnerability management, digital
forensics, e-Crime investigations and teaching. Currently he is a senior
vulnerability manager at Kimberly-Clark and an adjunct faculty member at Texas A&M.
He has an M.S. in computer science and an MBA.
2015 is in the past, so now is as good a time as any to get some numbers
together from the year that was and analyze them. For this blog post,
12 min
Apple
Reduced Annoyances and Increased Security on iOS 9: A Win Win!
Introduction
Early this year, I posted an article [/2015/02/26/the-gif-guide-to-ios-security]
on iOS Hardening that used animated GIFs to explain most of the recommended
settings.
Since then, iOS 9 was released, bringing along many new features
[http://www.apple.com/ca/ios/whats-new/], including better support for
Two-Factor Authentication, as iMessage and FaceTime now work without the need
for app-specific passwords, and as your trusted devices now automatically get
trusted when you authentic
2 min
Windows
Metasploit Framework Open Source Installers
Rapid7 has long supplied universal Metasploit installers for Linux and Windows.
These installers contain both the open source Metasploit Framework as well as
commercial extensions, which include a graphical user interface, metamodules,
wizards, social engineering tools and integration with other Rapid7 tools. While
these features are very useful, we recognized that they are not for everyone.
According to our recent survey of Metasploit Community users, most only used it
for the open source comp
5 min
Apple
Top 10 list of iOS Security Configuration GIFs you can send your friends and relatives
Easily share these animated iOS Security tips with friends and relatives!
While iOS is generally considered to be quite secure, a few configuration items
can improve its security.
Some changes have very little functionality impact, while others are more
visible but probably only needed in specific environments.
This guide contains some of the most important, obvious ones, and contains a GIF
for each configuration step to be taken.
If you already know everything about iOS security, use this a
3 min
Apple
Metasploit Weekly Update: There's a Bug In Your Brain
Running Malicious Code in Safari
The most fun module this week, in my humble opinion, is from Rapid7's own
Javascript Dementor, Joe Vennix [https://twitter.com/joevennix]. Joe wrote up
this crafty implementation of a Safari User-Assisted Download and Run Attack
[http://www.metasploit.com/modules/exploit/osx/browser/safari_user_assisted_download_launch],
which is not technically a vulnerability or a bug or anything -- it's a
feature that ends up being a kind of a huge risk. Here's how it goes:
4 min
Android
National Cyber Security Awareness Month: Keeping Mobile Devices Safe
To mark National Cyber Security Awareness Month, we're trying to help you
educate your users on security risks and how to protect themselves, and by
extension your organization. Every week in October we'll provide a short primer
email on a different topic relating to user risk. The idea is that you can copy
and paste it into an email and send it around your organization to promote
better security awareness among your users. The first post was on phishing
[/2013/10/02/national-cyber-security-awa
2 min
Product Updates
Weekly Update: Apple OSX Privilege Escalation
Sudo password bypass on OSX
This week's update includes a nifty local exploit for OSX, the sudo bug
described in CVE-2013-1775. We don't have nearly enough of these Apple desktop
exploits, and it's always useful to disabuse the Apple-based cool-kids web app
developer crowd of the notion that their computing platform of choice is
bulletproof.
Joe Vennix [https://github.com/jvennix-r7], the principal author of this module,
is, in fact, of that very same Apple-based developer crowd, and usually bu
4 min
Apple
Abusing Safari's webarchive file format
tldr: For now, don't open .webarchive files, and check the Metasploit module,
Apple Safari .webarchive File Format UXSS
[https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/apple_safari_webarchive_uxss.rb]
Safari's webarchive format saves all the resources in a web page - images,
scripts, stylesheets - into a single file. A flaw exists in the security model
behind webarchives that allows us to execute script in the context of any domain
(a Universal Cross-site S
3 min
Metasploit
Mobile Pwning: Using Metasploit on iOS
Have you ever wanted to run an exploit but found yourself away from your desk?
Wouldn't it be awesome if you could launch a full version of the Metasploit
Framework from your phone or tablet? As you might have guessed, now you can.
With an adventurous spirit and a few commands, you can be running the Metasploit
Framework on your iPad or iPhone in just a few short minutes.
Warning: To install Metasploit, you'll need root access to your device – which
is accomplished by following your favorite ja