Metasploit
Rapid7 announces security certifications for Metasploit and Nexpose
Rapid7 is launching certification programs for Nexpose administrators and Metasploit Pro specialists. “Certification enables security professionals to ensure that they …
Microsoft EMET’s protections can be bypassed, researchers show
Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is a good piece of software and helpful for protecting non-kernel Microsoft applications and third-party …
LogRhythm and Rapid7 partner on threat protection and security analytics
LogRhythm and Rapid7 announced API-level integrations of the LogRhythm SIEM 2.0 platform with both the Rapid7 Nexpose vulnerability management product and the Rapid7 …
Metasploit supports Kali Linux free security auditing toolkit
Rapid7 is working with Offensive Security to provide official Metasploit support for Kali Linux, the enterprise-ready evolution of BackTrack Linux. The free security auditing …
Metasploit Pro 4.5 released
Rapid7 released a new version of Metasploit Pro, which introduces advanced capabilities to simulate social engineering attacks. With Metasploit 4.5, security professionals can …
Nepalese government websites serving backdoor
Two websites belonging to the Nepalese government have been injected with malicious code that tries to take advantage of a Java vulnerability (CVE-2012-0507) in order to …
Unpatched Microsoft flaw actively exploited in the wild
When Microsoft released a security advisory detailing a critical flaw in Microsoft XML Core Services and its corresponding “Fix it” mitigation solution last week, …
Security posture management from FireMon
FireMon announced Security Manager 6.0, a security policy and posture management solution that integrates risk analysis with configuration management, enforcement and auditing …
Metasploit: The Penetration Tester’s Guide
Metasploit Framework (MF), the open source tool for launching exploits against remote machines, is a well-loved instrument that allows penetration testers to automate routine …
Metasploit identifies IPv6 security risks
Rapid7 announced that the new version of Metasploit 4.2 allows users to fully test whether IPv6 addresses on their network are vulnerable to cyber attacks. This is …
Researchers demonstrate tragic state of SCADA security
Since the discovery of Stuxnet, we’ve been hearing from a variety of researchers about security vulnerabilities in SCADA computer systems. While some researchers such as …
Penetration testing for mobile phones
Core Security announced the Core Impact Pro v12 penetration testing software, a commercial-grade solution that pinpoints security exposures in Android, BlackBerry and iPhone …