2分钟
紧急威胁响应
CVE-2024-40766: Critical Improper Access Control 脆弱性 Affecting SonicWall Devices
CVE-2024-40766 is a critical improper access control vulnerability affecting SonicOS, the operating system that runs on the company’s physical 和 virtual firewalls. 截至9月9日, 2024, Rapid7 is aware of several recent incidents in which SonicWall SSLVPN accounts were targeted or compromised.
3分钟
紧急威胁响应
Veeam备份中的多个漏洞 & 复制
9月4日, 2024, Veeam released their September security bulletin disclosing various vulnerabilities, 包括cve - 2024 - 40711, a critical unauthenticated remote code execution issue affecting Veeam’s popular Backup & 复制解决方案.
3分钟
Gartner
Our 4 Essential Strategy Takeaways from the Gartner® 2024 Report – How to Prepare for Ransomware Attacks
2024年Gartner报告, “如何防范勒索软件攻击”, provides critical insights into the latest tactics used by bad actors 和 offers practical solutions on how to fortify defenses.
3分钟
Gartner
5 Key Insights from the Gartner® Market Guide for 云原生应用保护 平台s (CNAPP)
The 2024 Gartner Market Guide for 云原生应用保护 平台s (CNAPP) provides invaluable insights into the latest trends 和 technologies that are reshaping how companies protect their digital assets.
4分钟
职业发展
Br和on Adkins’ Career Journey - Taking Chances 和 Tackling New Challenges
Br和on Adkins is the 经理 of our 威胁情报 & 检测工程(TIDE)小组. His career journey spans a variety of roles 和 teams where he has been able to showcase his technical skills in security.
5分钟
接触命令
Rapid7 Introduces 接触命令 to Eliminate the Security Visibility Gap
接触命令 provides 360-degree visibility 和 enables security teams to pinpoint 和 extinguish your most critical risks.
2分钟
职业发展
Celebrating Excellence: Rapid7 Recognized in 新闻week's Greatest Workplaces in America 2024
In a testament to its commitment to fostering an exceptional workplace environment, Rapid7 is proud to be included in 新闻week's Greatest Workplaces in America for 2024.
2分钟
报告
New 研究: The Proliferation of Cellular in IoT
Analysis of Cellular Based Internet of Things (IoT) Technology is a new whitepaper co-authored by Rapid7 principal security researcher Deral Heil和 和 Thermo Fisher Scientific lead product security researcher Carlota Bindner.
4分钟
紧急威胁响应
VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns
7月29日, Microsoft published threat intelligence on observed exploitation of CVE-2024-37085, an authentication bypass vulnerability in Broadcom VMware ESXi hypervisors that has been used in multiple ransomware campaigns.
4分钟
从Top Dogs到Unified Pack
Each day often presents a new set of challenges 和 responsibilities, particularly as organizations accelerate digital transformation efforts. This means you 和 your cyber team may find yourselves navigating a complex l和scape of multi-cloud environments 和 evolving compliance requirements.
1分钟
Rapid7文化
Boston Business Journal Names Rapid7 as a Best Place to Work in Boston
6月13日, 2024, Rapid7 was recognized by The Boston Business Journal as a Best Place to Work in Boston. This marks the 13th consecutive year Rapid7 has made the list, this time coming in at #8 in the extra large company category.
2分钟
政府
Rapid7 completes IRAP PROTECTED assessment for Insight 平台 solutions
Rapid7 has successfully completed an Information Security Registered Assessors Program (IRAP) assessment to PROTECTED Level for several of our Insight 平台 solutions.
10分钟
管理检测和响应(耐多药)
Supply Chain Compromise Leads to Trojanized 安装程序 for Notezilla, RecentX, Copywhiz
The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler
麦格劳,莎拉·李和托马斯·埃尔金斯.
执行概要
On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious
客户环境中的活动. 我们的调查发现
suspicious behavior was emanating from the installation of Notezilla, a program
that allows for the creation of sticky notes on a Windows desktop. 安装程序
for Notezilla, along with tools called RecentX 和
4分钟
pg电子
从Top Dogs到Unified Pack
Cybersecurity is as unpredictable as it is rewarding. This means you 和 your cyber team may find yourselves navigating a complex l和scape of multi-cloud environments 和 evolving compliance requirements.
10分钟
管理检测和响应(耐多药)
Malvertising Campaign Leads to Execution of Oyster Backdoor
Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome 和 Microsoft Teams.