10分钟
管理检测和响应(耐多药)
Supply Chain Compromise Leads to Trojanized 安装程序 for Notezilla, RecentX, Copywhiz
The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler
麦格劳,莎拉·李和托马斯·埃尔金斯.
执行概要
On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious
客户环境中的活动. 我们的调查发现
suspicious behavior was emanating from the installation of Notezilla, a program
that allows for the creation of sticky notes on a Windows desktop. 安装程序
for Notezilla, along with tools called RecentX 和
4分钟
pg电子
从Top Dogs到Unified Pack
Cybersecurity is as unpredictable as it is rewarding. This means you 和 your cyber team may find yourselves navigating a complex l和scape of multi-cloud environments 和 evolving compliance requirements.
10分钟
管理检测和响应(耐多药)
Malvertising Campaign Leads to Execution of Oyster Backdoor
Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome 和 Microsoft Teams.
2分钟
伶盗龙
Enhancing 伶盗龙 with the Cado Security Platform
伶盗龙 is a robust open-source tool designed for collecting 和 querying forensic 和 incident response artifacts across various endpoints. This powerful tool allows incident responders to effortlessly gather data from remote systems, 不管他们在哪里.
5分钟
人工智能
Securing AI Development in the Cloud: Navigating the Risks 和 Opportunities
承诺提高效率, 个性化, 和创新, organizations are increasingly turning to cloud environments to develop 和 deploy these powerful AI 和 ML technologies.
2分钟
脆弱性管理
The Dreaded Network Pivot: An Attack Intelligence Story
The spiritual successor to our annual 脆弱性 Intelligence Report, the AIR includes data from the Rapid7 research team combined with our detection 和 response 和 threat intelligence teams.
4分钟
紧急威胁响应
CVE-2024-24919: Check Point Security Gateway Information Disclosure
5月28日, 2024, Check Point published an advisory for CVE-2024-24919, a high-severity information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade.
2分钟
职业发展
Celebrating Excellence: Joanne Guariglia 和 Kelly Hiscoe Recognized as CRN's 2024 Women of the Channel
We are thrilled to announce that two of our exceptional team members, 乔安妮·瓜格利亚和凯利·希斯科, have been recognized as CRN's 2024 Women of the Channel.
10分钟
管理检测和响应(耐多药)
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack
Justice AV Solutions (JAVS)是一家美国公司.S.-based company specializing in digital audio-visual recording solutions for courtroom environments.
Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk 和 should take immediate action.
2分钟
研究
Rapid7 Releases the 2024 Attack Intelligence Report
Today, during our Take Comm和 Summit, we released our 2024 Attack Intelligence
Report, which pulls in expertise from our researchers, our detection 和
反应小组和威胁情报小组. 结果是最清楚的
picture yet of the expanding attack surface 和 the threats security
专业人士每天都要面对.
Since the end of 2020, we’ve seen a significant increase in zero-day
exploitation, ransomware attacks, 和 mass compromise incidents impacting many
组织全球.
3分钟
事件
请看周二的指挥峰会的先睹为快
In just a few short days, some of the best minds in cybersecurity will come
一起指挥
[http://rapid7.brighttalk.com/?utm_source =博客&utm_medium =网站&utm_content = blog-4&utm_campaign=global-mdr-take-comm和-summmit-prospect-eng-cyas]
to discuss the most pressing 挑战 和 opportunities we face as an
行业. The sessions include in-depth discussions on attacker trends 和
behaviors, a look into the Rapid7 SOC, top guest speakers with unique insights
进入网络安全
8分钟
事件响应
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Rapid7 observes ongoing social engineering campaign consistent with Black Basta
2分钟
职业发展
Rapid7 Signs 100% Talent Compact with Boston Women’s Workforce Council
Rapid7 is proud to announce their signing of the 100% Talent Compact through the Boston Women’s Workforce Council (BWWC).
1分钟
事件
Take Comm和 Summit: A Message from Rapid7 Chairman 和 CEO, Corey Thomas
The Rapid7 Take Comm和 Summit is just two short weeks away. We’re busy putting together one of the most impactful programs on the latest in cybersecurity trends, 技术, 创新是可行的, 我们渴望与大家分享.
2分钟
事件
Take Comm和峰会: A Stacked Agenda, 和 Killer Guest Speakers Coming Your Way May 21
Take Comm和峰会, Rapid7将于5月21日举行为期一天的虚拟峰会, is bringing together some of the best minds in the cybersecurity sphere for comprehensive discussions on the latest data, 挑战, 以及这个行业的机遇