Rapid7 Archives - Help Net Security

Rapid7

PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)

January 17, 2023

If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because …

Tracking the adversary

January 3, 2023

Raj Samani, SVP, Chief Scientist, Rapid7, discusses the tactics observed from a recent case of espionage, and what can be learned from such observations. This video was …

New Microsoft Exchange exploit chain lets ransomware attackers in (CVE-2022-41080)

December 21, 2022

Ransomware-wielding attackers are using a new exploit chain that includes one of the ProxyNotShell vulnerabilities (CVE-2022-41082) to achieve remote code execution on …

5 Kali Linux tools you should learn how to use

November 14, 2022

Kali Linux is a specialized Linux distribution developed by Offensive Security, designed for experienced Linux users who need a customized platform for penetration testing. …

IRISSCERT brings eminent cybersecurity experts to its conference in Dublin

October 26, 2022

The Irish Reporting and Information Security Service’s (IRISSCERT) Conference on Cybercrime will be on the 10th of November 2022 in the Aviva stadium. This all-day conference …

Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)

October 19, 2022

A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could …

Unpatched Zimbra RCE bug exploited by attackers (CVE-2022-41352)

October 10, 2022

A still unpatched vulnerability (CVE-2022-41352) in Zimbra Collaboration is being exploited by attackers to achieve remote code execution on vulnerable servers. About the …

Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)

September 12, 2022

QNAP Systems has provided more information about the latest DeadBolt ransomware campaign targeting users of its network-attached storage (NAS) devices and the vulnerability …

Patch critical flaw in Atlassian Bitbucket Server and Data Center! (CVE-2022-36804)

August 29, 2022

A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable …

Why it’s past time we operationalized cybersecurity

August 15, 2022

Enterprises are investing more in cybersecurity than ever before, but we’re also seeing a record number of breaches. More than 5.1 billion pieces of personal information were …

Black Hat USA 2022 video walkthrough

August 11, 2022

In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal …

Open Cybersecurity Schema Framework project helps organizations detect and defend from cyberattacks

August 11, 2022

A coalition of cybersecurity and technology leaders announced an open-source effort to break down data silos that impede security teams. The Open Cybersecurity Schema …

Rapid7

PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)

Tracking the adversary

New Microsoft Exchange exploit chain lets ransomware attackers in (CVE-2022-41080)

5 Kali Linux tools you should learn how to use

IRISSCERT brings eminent cybersecurity experts to its conference in Dublin

Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)

Unpatched Zimbra RCE bug exploited by attackers (CVE-2022-41352)

Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)

Patch critical flaw in Atlassian Bitbucket Server and Data Center! (CVE-2022-36804)

Why it’s past time we operationalized cybersecurity

Black Hat USA 2022 video walkthrough

Open Cybersecurity Schema Framework project helps organizations detect and defend from cyberattacks

Don't miss

Thousands of unpatched VMware ESXi servers hit by ransomware via old bug (CVE-2021-21974)

While governments pass privacy laws, companies struggle to change

Trends that impact on organizations’ 2023 security priorities

What a perfect day in data privacy looks like

Patch your Jira Service Management Server and Data Center and check for compromise! (CVE-2023-22501)