Rapid7的帖子

Supply Chain Compromise Leads to Trojanized 安装程序 for Notezilla, RecentX, Copywhiz

The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler 麦格劳，莎拉·李和托马斯·埃尔金斯. 执行概要 On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious 客户环境中的活动. 我们的调查发现 suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes on a Windows desktop. 安装程序 for Notezilla, along with tools called RecentX 和

4分钟 pg电子

从Top Dogs到Unified Pack

Cybersecurity is as unpredictable as it is rewarding. This means you 和 your cyber team may find yourselves navigating a complex l和scape of multi-cloud environments 和 evolving compliance requirements.

10分钟管理检测和响应(耐多药)

Malvertising Campaign Leads to Execution of Oyster Backdoor

Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome 和 Microsoft Teams.

2分钟伶盗龙

Enhancing 伶盗龙 with the Cado Security Platform

伶盗龙 is a robust open-source tool designed for collecting 和 querying forensic 和 incident response artifacts across various endpoints. This powerful tool allows incident responders to effortlessly gather data from remote systems, 不管他们在哪里.

5分钟人工智能

Securing AI Development in the Cloud: Navigating the Risks 和 Opportunities

承诺提高效率, 个性化, 和创新, organizations are increasingly turning to cloud environments to develop 和 deploy these powerful AI 和 ML technologies.

2分钟脆弱性管理

The Dreaded Network Pivot: An Attack Intelligence Story

The spiritual successor to our annual 脆弱性 Intelligence Report, the AIR includes data from the Rapid7 research team combined with our detection 和 response 和 threat intelligence teams.

4分钟紧急威胁响应

CVE-2024-24919: Check Point Security Gateway Information Disclosure

5月28日, 2024, Check Point published an advisory for CVE-2024-24919, a high-severity information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade.

2分钟职业发展

Celebrating Excellence: Joanne Guariglia 和 Kelly Hiscoe Recognized as CRN's 2024 Women of the Channel

We are thrilled to announce that two of our exceptional team members, 乔安妮·瓜格利亚和凯利·希斯科, have been recognized as CRN's 2024 Women of the Channel.

10分钟管理检测和响应(耐多药)

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

Justice AV Solutions (JAVS)是一家美国公司.S.-based company specializing in digital audio-visual recording solutions for courtroom environments. Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk 和 should take immediate action.

2分钟研究

Rapid7 Releases the 2024 Attack Intelligence Report

Today, during our Take Comm和 Summit, we released our 2024 Attack Intelligence Report, which pulls in expertise from our researchers, our detection 和反应小组和威胁情报小组. 结果是最清楚的 picture yet of the expanding attack surface 和 the threats security 专业人士每天都要面对. Since the end of 2020, we’ve seen a significant increase in zero-day exploitation, ransomware attacks, 和 mass compromise incidents impacting many 组织全球.

3分钟事件

请看周二的指挥峰会的先睹为快

In just a few short days, some of the best minds in cybersecurity will come 一起指挥 [http://rapid7.brighttalk.com/?utm_source =博客&utm_medium =网站&utm_content = blog-4&utm_campaign=global-mdr-take-comm和-summmit-prospect-eng-cyas] to discuss the most pressing 挑战和 opportunities we face as an 行业. The sessions include in-depth discussions on attacker trends 和 behaviors, a look into the Rapid7 SOC, top guest speakers with unique insights 进入网络安全

8分钟事件响应

Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators

Rapid7 observes ongoing social engineering campaign consistent with Black Basta

2分钟职业发展

Rapid7 Signs 100% Talent Compact with Boston Women’s Workforce Council

Rapid7 is proud to announce their signing of the 100% Talent Compact through the Boston Women’s Workforce Council (BWWC).

1分钟事件

Take Comm和 Summit: A Message from Rapid7 Chairman 和 CEO, Corey Thomas

The Rapid7 Take Comm和 Summit is just two short weeks away. We’re busy putting together one of the most impactful programs on the latest in cybersecurity trends, 技术, 创新是可行的, 我们渴望与大家分享.

2分钟事件

Take Comm和峰会: A Stacked Agenda, 和 Killer Guest Speakers Coming Your Way May 21

Take Comm和峰会, Rapid7将于5月21日举行为期一天的虚拟峰会, is bringing together some of the best minds in the cybersecurity sphere for comprehensive discussions on the latest data, 挑战, 以及这个行业的机遇