Hacker News
- Malicious advertisements for WinSCP and PuTTY lead to ransomware https://www.rapid7.com/blog/post/2024/05/13/ongoing-malvertising-campaign-leads-to-ransomware/ 0 comments
- JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (Fixed) https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/ 8 comments
- Widespread exploitation of critical remote code execution in Apache Log4j https://www.rapid7.com/blog/post/2021/12/10/widespread-exploitation-of-critical-remote-code-execution-in-apache-log4j/ 91 comments
- Metasploit Framework 6.4 Released https://www.rapid7.com/blog/post/2024/03/25/metasploit-framework-6-4-released/ 3 comments netsec
- Rapid7 Vulnerability Intelligence Report Webcast - today at 11am PDT / 2pm EDT https://www.rapid7.com/about/events-webcasts/2023/2022-vulnerability-intelligence-report-webcast/ 6 comments netsec
- Root RCE via CSRF (and other vulns) in F5 Big-IP devices [my original research] https://www.rapid7.com/blog/post/2022/11/16/cve-2022-41622-and-cve-2022-41800-fixed-f5-big-ip-and-icontrol-rest-vulnerabilities-and-exposures/ 5 comments netsec
- Apache Commons Arbitrary Code Execution Vulnerability (Text4Shell) CVE-2022-42889 - Critical 9.8 https://www.rapid7.com/blog/post/2022/10/17/cve-2022-42889-keep-calm-and-stop-saying-4shell/ 5 comments sysadmin
- Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/ 6 comments netsec
- Zyxel Firewall Unauthenticated Command Inject (CVE-2022-30525) https://www.rapid7.com/blog/post/2022/05/12/cve-2022-30525-fixed-zyxel-firewall-unauthenticated-remote-command-injection/ 7 comments netsec
- Under the Hoodie 2019: Security Lessons Learned from 180 Pen Tests | Rapid7 https://www.rapid7.com/research/report/under-the-hoodie-2019/ 32 comments netsec
- Java Serialization: A Practical Exploitation Guide https://www.rapid7.com/research/report/exploiting-jsos/ 16 comments netsec
- UNDER THE HOODIE: Lessons from a Season of Penetration Testing (2018) https://www.rapid7.com/globalassets/_pdfs/research/rapid7-under-the-hoodie-2018-research-report.pdf 16 comments netsec
- Rapid7 marketer explains penetration testing [hilarious] http://www.rapid7.com/resources/videos/penetration-testing.jsp 15 comments netsec
- Rapid 7 Releases ScanNow, MySQL Authentication Bypass Flaw Scanner (CVE-2012-2122) http://www.rapid7.com/free-security-software-downloads/mysql-vulnerability-scanner-cve-2012-2122.jsp 6 comments netsec