#rapid7 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #rapid7, aggregated by home.social.
-
Notepad++ supply chain attack: Researchers reveal details, IoCs, targets https://www.helpnetsecurity.com/2026/02/03/notepad-supply-chain-attack-iocs-targets/ #government-backedattacks #cyberespionage #Don'tmiss #Kaspersky #Hotstuff #Rapid7 #China #News #Asia #APT
-
#Rapid7 published some analysis of #malware likely dropped through the Notepad++ issue.
One of the loaders used by the malware is built with #Microsoft Warbird, a kernel-level code protection framework used by Windows. @cirosec blogged about how this framework could be abused a while back and also published a PoC on GitHub.
I'm one of the authors of that research. We included some thoughts on detection in the article but if there's any further questions about the technique or anything, ask away :)
-
Patch Tuesday, January 2026 Edition
https://krebsonsecurity.com/2026/01/patch-tuesday-january-2026-edition/
#MicrosoftPatchTuesdayJanuary2026 #DesktopWindowManager #MicrosoftOffice #LatestWarnings #TheComingStorm #CVE-2023-31096 #CVE-2026-20805 #CVE-2026-20952 #CVE-2026-20953 #CVE-2026-21265 #CVE-2026-0628 #CVE-2026-0891 #CVE-2026-0892 #TimetoPatch #AdamBarnett #ChrisGoettl #Immersive #KevBreen #Ivanti #Rapid7
-
Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164) https://www.helpnetsecurity.com/2026/01/08/hpe-oneview-cve-2025-37164-exploited/ #securityupdate #vulnerability #datacenter #Metasploit #Don'tmiss #Hotstuff #Rapid7 #News #CISA #HPE
-
Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) https://www.helpnetsecurity.com/2025/11/12/patch-tuesday-microsoft-cve-2025-62215/ #securityupdate #PatchTuesday #TrendMicro #Don'tmiss #Immersive #Microsoft #Hotstuff #MSOffice #Windows #Ivanti #Rapid7 #News
-
Rapid7 strengthens security with AI-powered risk and vulnerability insights https://www.helpnetsecurity.com/2025/10/29/rapid7-ai-risk-vulnerability-intelligence/ #Industrynews #Rapid7
-
CVE Alert: CVE-2025-6264 - Rapid7 - Velociraptor - https://www.redpacketsecurity.com/cve-alert-cve-2025-6264-rapid7-velociraptor/
#OSINT #ThreatIntel #CyberSecurity #cve-2025-6264 #rapid7 #velociraptor
-
🚨 Crimson Collective hackers exploit AWS IAM keys to steal data, modify RDS passwords, and exfiltrate S3 snapshots.
The same group claims the Red Hat breach (570GB data theft) — partnering with Scattered Lapsus$ Hunters to raise extortion stakes.
🧩 Tool used: TruffleHog
🧠 TTPs: Long-term IAM compromise → privilege escalation → API-based exfiltration
💬 What detection logic would you apply to flag these IAM anomalies? Follow @technadu for continuous threat intelligence and AWS security insights.
#AWS #InfoSec #CyberSecurity #CrimsonCollective #CloudSecurity #ThreatIntel #RedHat #Rapid7 #DataBreach #CyberThreats #TechNadu #AWSBreach
-
Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035) https://www.helpnetsecurity.com/2025/09/26/fortra-goanywhere-zero-day-cve-2025-10035/ #enterprise #Don'tmiss #WatchTowr #Hotstuff #Fortra #Rapid7 #0-day #News
-
Ransomware attackers used incorrectly stored recovery codes to disable EDR agents https://www.helpnetsecurity.com/2025/09/16/akira-ransomware-disable-edr/ #endpointsecurity #credentials #enterprise #ransomware #Don'tmiss #SonicWall #Hotstuff #Huntress #Rapid7 #News #SMBs
-
Akira ransomware affiliates continue breaching organizations via SonicWall firewalls https://www.helpnetsecurity.com/2025/09/11/akira-ransomware-sonicwall-firewalls/ #vulnerability #ransomware #Don'tmiss #Australia #SonicWall #Hotstuff #Rapid7 #News #ACSC
-
The hacker's "Swiss Army knife": how Metasploit Framework came about and became obsolete (?)
In the previous article we told the story of HD Moore, the hacker who gave the world a framework that forever changed the practice of penetration testing. Now it is the turn of Metasploit itself: in the past a true pentester's "Swiss Army knife", today more of an auxiliary tool with a few blades that still work. What was Metasploit to the industry in the 2000s, what is it now, and why do pentesters keep using it even twenty years on? We go through the history of the evolution of the legendary framework, which turns 22 this July.
https://habr.com/ru/companies/bastion/articles/930906/
#metasploit_framework #история_Metasploit #инструменты_пентестера #пентест #redteam #rapid7 #hd_moore #джеймс_мур #история_ибиндустрии #как_появился_Metasploit
-
Microsoft pins on-prem SharePoint attacks on Chinese threat actors https://www.helpnetsecurity.com/2025/07/22/microsoft-pins-sharepoint-attacks-cve-2025-53770/ #PaloAltoNetworks #vulnerability #EyeSecurity #SentinelOne #CheckPoint #SharePoint #TrendMicro #Don'tmiss #Hotstuff #exploit #Rapid7 #China #News
-
Microsoft Fix Targets Attacks on SharePoint Zero-Day – Source: krebsonsecurity.com https://ciso2ciso.com/microsoft-fix-targets-attacks-on-sharepoint-zero-day-source-krebsonsecurity-com/ #Cybersecurity&InfrastructureSecurityAgency #rssfeedpostgeneratorecho #CyberSecurityNews #SharePointServer #KrebsonSecurity #KrebsOnSecurity #CVE-2025-49704 #CVE-2025-49706 #CVE-2025-53770 #CVE-2025-53771 #LatestWarnings #TheComingStorm #MicrosoftCorp #EyeSecurity #TimetoPatch #Rapid7 #CISA
-
Microsoft Fix Targets Attacks on SharePoint Zero-Day https://krebsonsecurity.com/2025/07/microsoft-fix-targets-attacks-on-sharepoint-zero-day/ #Cybersecurity&InfrastructureSecurityAgency #SharePointServer #LatestWarnings #TheComingStorm #CVE-2025-49704 #CVE-2025-49706 #CVE-2025-53770 #CVE-2025-53771 #MicrosoftCorp #TimetoPatch #EyeSecurity #Rapid7 #CISA
-
Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257) https://www.helpnetsecurity.com/2025/07/14/exploits-for-unauthenticated-fortiweb-rce-are-public-so-patch-quickly-cve-2025-25257/ #webapplicationsecurity #vulnerability #Don'tmiss #WatchTowr #Hotstuff #Fortinet #exploit #Rapid7 #News #PoC
-
Microsoft Patch Tuesday, July 2025 Edition https://krebsonsecurity.com/2025/07/microsoft-patch-tuesday-july-2025-edition/ #MicrosoftPatchTuesdayJuly2025Edition #MicrosoftConfigurationManager #MicrosoftDefenderSmartScreen #LatestWarnings #SecurityTools #ImmersiveLabs #SQLServer2012 #SQLServer2016 #CVE202547178 #CVE202547981 #CVE202549695 #CVE202549696 #CVE202549697 #CVE202549702 #CVE202549719 #CVE202549740 #TimetoPatch #AdamBarnett #MikeWalters #BenHopkins #Action1 #Office #Rapid7 #adobe
-
Patch Tuesday, June 2025 Edition
https://krebsonsecurity.com/2025/06/patch-tuesday-june-2025-edition/
#WindowsServerMessageBlock #sansinternetstormcenter #PatchTuesdayJune2025 #ExperienceManager #CVE-2025-33053 #CVE-2025-33073 #mozillafirefox #SecurityTools #AcrobatReader #BadSuccessor #GoogleChrome #TimetoPatch #AdamBarnett #AlexVovk #SethHoyt #Action1 #Automox #Akamai #Rapid7 #WebDAV
-
Patch Tuesday, June 2025 Edition https://krebsonsecurity.com/2025/06/patch-tuesday-june-2025-edition/ #WindowsServerMessageBlock #sansinternetstormcenter #PatchTuesdayJune2025 #ExperienceManager #mozillafirefox #SecurityTools #AcrobatReader #BadSuccessor #CVE202533053 #CVE202533073 #GoogleChrome #TimetoPatch #AdamBarnett #AlexVovk #SethHoyt #Action1 #Automox #Akamai #Rapid7 #WebDAV
-
Review: Metasploit, 2nd Edition https://www.helpnetsecurity.com/2025/06/02/review-metasploit-2nd-edition/ #BinaryDefense #Metasploit #TrustedSec #Don'tmiss #Reviews #OffSec #Rapid7 #review #News #book