1分钟
政府
Rapid7 Added to Carahsoft GSA Schedule Contract
We are happy to announce that Rapid7 has been added to Carahsoft’s GSA Schedule contract, making our suite of comprehensive security solutions widely available to Federal, 状态, 和 Local agencies through Carahsoft 和 its reseller partners.
1分钟
政府
Rapid7 Now Available Through Carahsoft’s NASPO ValuePoint
Rapid7’s solutions have been added to the NASPO ValuePoint Cloud Solutions contract held by Carahsoft Technology Corp. The addition of this contract enables Carahsoft 和 its reseller partners to provide Rapid7’s Insight platform to participating SLED institutions.
5分钟
新闻
F5 Discloses Eight Vulnerabilities—Including Four Critical Ones—in BIG-IP Systems
On March 10, 2021, F5 disclosed eight vulnerabilities, four of which are deemed "critical."
5分钟
新闻
Rapid7’s InsightIDR Enables 检测 And 响应 to Microsoft Exchange Zero-Day
Starting February 27, 2021, Rapid7 has observed a notable increase in the
exploitation of Microsoft Exchange through existing detections in InsightIDR
[http://wlp.wjqklgz.com/products/insightidr/]’s Attacker Behavior Analytics
(ABA). The 管理检测和响应 (耐多药) identified multiple, related
在过去72小时内的妥协. In most cases, the attacker is uploading an
“eval” webshell, commonly referred to as a “chopper” or “China chopper”. 与
这个立足点,攻击者就会
3分钟
新闻
Multiple Unauthenticated Remote Code Control 和 Execution Vulnerabilities in Multiple Cisco 产品
2月. 24, 2021, Cisco released many patches for multiple products, three of which require immediate attention by organizations if they are running affected systems 和 operating system/software configurations.
2分钟
新闻
VMware vCenter Server CVE-2021-21972 Remote Code Execution 脆弱性: What You Need to Know
2月. 23, 2021, VMware published an advisory describing three weaknesses affecting VMware ESXi, VMware vCenter Server, 和VMware Cloud Foundation.
2分钟
新闻
Cisco Patches Recently Disclosed "sudo" 脆弱性 (CVE-2021-3156) in Multiple 产品
Cisco has released security updates to address vulnerabilities in most of their product portfolio.
2分钟
Rapid7角度
Rapid7 Acquires Leading Kubernetes Security Provider, Alcide
We at Rapid7 are happy to announce that we have acquired Alcide, a leader in Kubernetes security based in Tel Aviv, 以色列.
4分钟
新闻
状态-Sponsored Threat Actors Target Security 研究ers
周一, Google’s Threat Analysis Group published a blog on a widespread social engineering campaign that targeted security researchers working on vulnerability research 和 development.
5分钟
新闻
Update on SolarWinds Supply-Chain Attack: SUNSPOT, SUNSHUTTLE 和 New Malware Family Associations
New research has been published that expands the security community’s underst和ing of the breadth 和 depth of the SolarWinds attack.
2分钟
新闻
SaltStack Pre-Authenticated Remote Root (CVE-2020-16846 和 CVE-2020-25592): What You Need to Know
结合时, a new pair of SaltStack vulnerabilities can result in unauthenticated remote root access on a target system.
2分钟
新闻
HP Device 经理 Cavalcade of Critical CVEs (CVE-2020-6925:6927): What You Need to Know
惠普于9月11日发布了一份安全公告. 25, 2020, disclosing a set of vulnerabilities in HP Device 经理.
3分钟
脆弱性管理
CVE-2020-3452 Cisco ASA / Firepower Read-Only Path Traversal 脆弱性: What You Need to Know
7月22日, Cisco released a patch for a high-severity read-only patch traversal vulnerability in its Cisco Adaptive Security Appliance (ASA) 和 Firepower Threat Defense (FTD) products.
4分钟
脆弱性管理
Windows DNS Server Remote Code Execution 脆弱性 (CVE-2020-1350): What You Need to Know
周二, 7月14日, 2020, Microsoft released a patch for a 17-year-old remote code execution (RCE) vulnerability in Windows Domain Name System (DNS) servers discovered by Check Point researchers.
4分钟
脆弱性管理
CVE-2020-6287: Critical 脆弱性 in SAP NetWeaver Application Server (AS) Java
新的SAP漏洞(RECON), a critical vulnerability affecting the SAP NetWeaver Application Server (AS) Java component LM Configuration Wizard, 是一件大事.