Rapid7 Blog

Zero-day  

Weekly Metasploit Wrapup: SMB File Shares

Sharing is Caring. One of the nits we've all had to pick with Metasploit is that when you have a module that involves getting a client to connect to an evil SMB server to fetch a file, the strategy usually used involved generating the file…

R7-2014-10 Disclosure: Yokogawa CENTUM CS3000 BKBCopyD.exe File System Access

This blog post represents the final disclosure of the Yokogawa CENTUM CS3000 vulnerability discussed by Tod Beardsley (@todb) and Jim Denaro (@cipherlaw) in their DEFCON talk, "How To Disclose an Exploit Without Getting in Trouble". A link to that talk, and the…

Weekly Metasploit Update: More Meterpreters!

Meterpreter for All The Platforms. This week is pretty exciting for us, since it's not every day we give out commit rights to the Rapid7 Metasploit repo. I'm very happy to report that Tim Wright has agreed to step up and help out with moving Meterpreter…

IE 0-day, we got you covered

News broke this weekend of yet another IE 0-day under ("limited, targeted") exploitation in the wild. Microsoft responded with an advisory, but no patches yet. Given that the risk from the known exploit is mitigated by the usual defence in depth tactics I…

R7-2013-19 Disclosure: Yokogawa CENTUM CS 3000 Vulnerabilities

On Saturday, March 8th, @julianvilas and I spoke at RootedCON about our work with the Yokogawa CENTUM CS3000 product. Today, as promised, we're publishing details for three of the vulnerabilities found in the product. For all of you who weren't able to attend RootedCON, we're…

Federal Friday - 2.28.14 - Flash Zero Day Targets Foreign Policy Sites

Federal Friday has come again, which means another week has passed us by. It's been a busy week for the Moose of Rapid7 with an imminent move for our Boston HQ on the horizon. We also had a great week at RSA with SC…

Seven FOSS Tricks and Treats (Part Two)

Adventures in FOSS Exploitation, Part Two: Exploitation. This is part two of a pair of articles about disclosing vulnerabilities in a set of FOSS projects; see part one for some background on these vulnerabilities in particular, and some general advice for FOSS developers and maintainers. A…

Federal Friday - 10.18.2013 - The "We're Back In Business" Edition

After a tough start to FY14, a sense of normalcy should start to creep back in over the coming weeks. Even though the folks in the House and Senate merely delayed their budgetary discussions, we can only hope that some hard lessons were learned this…

IE 0-day: exploit code is now widely available (CVE-2013-3893)

Any newly discovered Internet Explorer zero day vulnerability is bad for users. But once the exploit code gets around to public disclosure sites, it's so much worse. In the past day or so exploit code has been submitted to virustotal.com and scumware.org. …

Metasploit Update: Weaponizing Local Exploits

Weaponizing Local Exploits. This week's update features an exploit for Tavis @taviso Ormandy's vulnerability in the EPATHOBJ::pprFlattenRec function, which lives in win32k.sys on pretty much any Windows machine you're likely to run into. A whole lot of people threw in on this module to…

Department of Labor IE 0-day Exploit (CVE-2013-1347) Now Available at Metasploit

Recently, the U.S. Department of Labor website was compromised and had been serving malicious code, capable of detecting and disabling some antivirus products such as Avira, F-Secure, Kaspersky, AVG, Sophos, etc. It would also attack Internet Explorer 8 users with an 0-day exploit. The…

Exploit Trends: Top 10 Searches for Metasploit Modules in October

Time for your monthly dose of Metasploit exploit trends! Each month we gather this list of the most searched exploit and auxiliary modules from the Metasploit database. To protect users' privacy, the statistics come from analyzing webserver logs of searches, not from monitoring Metasploit usage.…

Exploit Trends: Java and IE 0days

Each month we report the top ten searched exploit and auxiliary modules on metasploit.com. The statistics are drawn from our exploit database by analyzing webserver logs of searches, not through Metasploit usage, which is not tracked to preserve privacy. With the Java and Internet…

New Metasploit 0-day exploit for IE 7, 8 & 9 on Windows XP, Vista, and 7

We have some Metasploit freshness for you today: A new zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista and 7. Computers can get compromised simply by visiting a malicious website, which gives the attacker the same privileges as the current…

Exploit Trends: August Java 0-day

Coming from August's Java 0-day release, there are three new Java exploits among the top 10 most searched Metasploit exploits and auxiliary modules in this month's trend list. The monthly statistics are drawn from our exploit database by analyzing webserver logs of searches on metasploit.…
