4 min
Open Source
Recog Release v3.0.3
Recog Release v3.0.3, which is available now, includes updated fingerprints for Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus; Atlassian Bitbucket Server; and Supervisord Supervisor.
4 min
Research
Year in Review: Rapid7 Cybersecurity Research
Rapid7 is dedicated to conducting research that benefits the entire cybersecurity community. Here is a sampling of our efforts in 2022.
2 min
Emergent Threat Response
CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities
On November 8, 2022, Citrix published Citrix Gateway and Citrix ADC Security
Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516
[http://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516]
announcing fixes for three vulnerabilities:
* CVE-2022-27510 [http://nvd.nist.gov/vuln/detail/CVE-2022-27510]
“Unauthorized access to Gateway user capabilities”
* CVE-2022-27513 [http://nvd.nist.gov/vuln/detai
2 min
DAST
New Research: Optimizing DAST Vulnerability Triage with Deep Learning
In a new paper, Rapid7 data scientists outline a novel deep learning model to automatically prioritize application security vulnerabilities and reduce false positive friction.
3 min
Research
New Research: We’re Still Terrible at Passwords; Making it Easy for Attackers
We look at two of the most popular protocols used for remote administration, SSH and RDP, to get a sense of how attackers are taking advantage of weaker password management to gain access to systems.
8 min
Vulnerability Disclosure
FLEXlm and Citrix ADM Denial of Service Vulnerability
Note: Updated October 20, 2022 to clarify that this bypasses CVE-2022-27512 and
not CVE-2022-27511, which has a different root cause.
On June 27, 2022, Citrix released an advisory
[http://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512]
for CVE-2022-27511 [http://nvd.nist.gov/vuln/detail/CVE-2022-27511] and
CVE-2022-27512 [http://nvd.nist.gov/vuln/detail/CVE-2022-27512], which affect
Citrix ADM (Application Del
7 min
Vulnerability Disclosure
Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)
Rapid7 discovered vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare.
6 min
Ransomware
Architecting for Extortion: Acting on the IST’s Blueprint for Ransomware Defense
Last month, the Institute for Security and Technology’s Ransomware Task Force launched the Blueprint for Ransomware Defense.
2 min
Research
25 Years of Nmap: Happy Scan-iversary!
On September 1, 1997, the open-source security scanner Nmap was released. Our Director of Research Tod Beardsley reflects on the 25th anniversary.
4 min
Research
Pushing Open-Source Security Forward: Insights From Black Hat 2022
Here's a look at two Rapid7 researchers' presentations from Black Hat 2022, and how their efforts are helping push open-source security forward.
3 min
Application Security
Are Your Apps Exposed? Know Faster With Application Discovery in InsightAppSec
InsightAppSec's new application discovery feature, powered by Rapid7's Project Sonar, helps security teams know what apps are exposed to the internet.
21 min
Vulnerability Disclosure
Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software
Rapid7 discovered vulnerabilities and non-security issues affecting Cisco ASA, ASDM, and FirePOWER Services Software for ASA.
5 min
Vulnerability Disclosure
CVE-2022-31660 and CVE-2022-31661 (FIXED): VMware Workspace ONE Access, Identity Manager, and vRealize Automation LPE
The VMware Workspace ONE Access, Identity Manager, and vRealize Automation products contain a locally exploitable privilege escalation vulnerability.
4 min
Events
What We're Looking Forward to at Black Hat, DEF CON, and BSidesLV 2022
Here's a sneak peek of what we have planned from August 9-12 at the all-star lineup of cybersecurity sessions in Las Vegas, including Black Hat 2022.
9 min
Vulnerability Disclosure
QNAP Poisoned XML Command Injection (Silently Patched)
In researching the mystery surrounding alleged exploitation in the wild of CVE-2020-2509, we found what may be an entirely new vulnerability.