8分钟
Metasploit
Metasploit 2023总结
As 2023 winds down, we’re taking another look back at all the changes 和
Metasploit框架的改进. 今年是20周年
Metasploit版本1.0被判有罪
[http://github.com/metasploit/framework1/commit/bdd5c00344bcdd49bf1d0df989a41f2734a497d6]
和 the project is still actively maintained 和 improved thanks to a thriving
社区.
版本6.3
Early this year in January, Metasploit version 6.3
[http://7lzgvbsm.lekeu.net/blog/post/2023/01/30/metasploit-f
10分钟
伶盗龙
迅猛龙0.7.1版本
Rapid7兴奋地宣布,版本0.7.1 of 伶盗龙 is live 和 available for download. There are several new features 和 capabilities that add to the power 和 efficiency of this open-source digital forensic 和 incident response (DFIR) platform.
5分钟
脆弱性管理
Mastering Industrial Cybersecurity: The Significance of Combining 脆弱性管理 with 检测和响应
The convergence of operational technology (OT) 和 information technology (IT) has ushered in new efficiencies but has also exposed vulnerabilities. This article explores the pivotal role of 脆弱性管理 和 检测和响应 (VM/DR) in the realm of Industrial Cybersecurity.
1分钟
物联网
There’s One Last Gift Under the Tree, It’s H和s-On 物联网!
It’s the holiday season 和 since we’re in a giving mood we thought we’d surprise our loyal readers with a fun, h和s-on hardware exercise to enjoy during some well-earned downtime.
2分钟
Metasploit
Metasploit每周总结
Metasploit has added exploit content for the glibc LPE CVE-2023-4911 (AKA Looney Tunables) 和 RCE exploits for Confluence 和 Vinchin Backup 和 Recovery.
3分钟
人工智能
Securely Build AI/ML Applications in the Cloud with Rapid7 InsightCloudSec
Advancements in 人工智能 和 Machine Learning have marked a transformative era, 影响着我们生活的方方面面. 随着社会接受这些进步, the implications of Generative AI 和 LLMs extend across diverse sectors.
6分钟
pg电子
Rapid7产品的新功能 & 服务业:2023年回顾
Throughout 2023 Rapid7 has made investments across the Insight Platform to further our mission of providing security teams with the tools to proactively anticipate imminent risk, 尽早防止违规行为, 对威胁做出更快的反应.
4分钟
人工智能
Exp和ed Coverage 和 AWS Compliance Pack Updates in InsightCloudSec Coming Out of AWS Re:Invent 2023
情况总是如此, AWS unveiled a host of new services throughout the week, 包括围绕无服务器的进步, artificial intelligence (AI) 和 Machine Learning (ML), 安全及更多.
4分钟
云安全
Exp和ed Coverage 和 New Attack Path Visualizations Help Security Teams Prioritize Cloud Risk 和 Underst和 Blast Radius
Cloud environments differ in a number of ways from more traditional on-prem environments. From the immense scale 和 compounding complexity to the rate of change, the cloud creates a host of challenges for security teams to navigate 和 grapple with.
3分钟
人工智能
We Asked ChatGPT for 2024 Cybersecurity Predictions but You Should Make These Resolutions Instead
Here at Rapid7 we’ve seen a whole lot of threats 和 exploited vulnerabilities in 2023, 很多是以零日的形式. So it can be a little overwhelming to think about what could be in store for us in the year ahead.
3分钟
Metasploit
Metasploit每周总结:12月. 15, 2023
Metasploit的第12次劳动继续进行
Metasploit continues its Herculean task of increasing our toolset to tame
Kerberos by adding support for AS_REP Roasting, which allows retrieving the
password hashes of users who have Do not require Kerberos preauthentication set
在域控制器上. The setting is disabled by default, but it is enabled
在某些环境中.
Attackers can request the hash for any user with that option enabled, 和 worse
(或更好的?),可以查询DC来确定
3分钟
InsightCloudSec
NIST SP 800-53. 5 Updates: What You Need to Know About The Most Recent Patch Release (5.1.1)
In this blog we’ll cover the new 和 updated controls within patch release 5.1.1, as well as review how Rapid7 InsightCloudSec helps security teams implement 和 continuously enforce them across their organizations.
6分钟
脆弱性管理
补丁星期二- 2023年12月
AMD除以零日信息披露. 无交互MSHTML Outlook关键RCE. 双ICS临界RCE. 更少的补丁,更少的产品.
5分钟
风险管理
Peeking into the crystal ball: What 2023 cyber threats told us about 2024
Even though we’re surely in for more than a few surprises in the coming year, 我们有很多方法可以做好准备. So sit back 和 relax as we venture through some insights we’ve gained in 2023 和 offer ways you can put them into practice in the coming year.
3分钟
Living our Values 和 Leveraging Diverse Skill Sets: How Jonathan Atwood Built a 成功ful Career as a Customer Advisor at Rapid7
在Rapid7, our Customer Advisors play a pivotal role at ensuring our customers underst和 their threat l和scape – 和 feel confident in their security programs.