The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler McGraw, Sarah Lee, and Thomas Elkins.
Executive Summary
On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious …
The following analysts contributed to this blog: Thomas Elkins, Daniel Thiede, Josh Lockwood, Tyler McGraw, and Sasha Kovalev.
Executive Summary
Rapid7 has observed a recent malvertising campaign that lures users …
On May 28, 2024, Check Point published an advisory for CVE-2024-24919, a high-severity information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile …
*The following Rapid7 team members contributed to this blog: Ipek Solak, Thomas Elkins, Evan McCann, Matthew Smith, Jake McMahon, Tyler McGraw, Ryan Emmons, Stephen Fewer, and John Fenninger*
Overview
Justice …
Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads …
Co-authored by Rapid7 analysts Tyler McGraw, Thomas Elkins, and Evan McCann
Executive Summary
Rapid7 has identified an ongoing social engineering campaign that has been targeting multiple managed detection and response …
On Friday, April 12, Palo Alto Networks published an advisory on CVE-2024-3400, a CVSS 10 zero-day vulnerability in several versions of PAN-OS, the operating system that runs on the company’s …
Rapid7’s Managed Detection and Response (MDR) team continuously monitors our customers’ environments, identifying emerging threats and developing new detections.
In August 2023, Rapid7 identified a new malware loader named the …
This blog post discusses the IDAT Loader malware and its unique method of retrieving data from PNG files. It also explores the attack chain observed in two separate incidents involving …
Last updated at Thu, 21 Mar 2024 13:20:04 GMT
Co-authors are Christiaan Beek and Raj Samani
Within Rapid7 Labs we continually track and monitor threat groups. This is one of …
Last updated at Tue, 05 Mar 2024 22:21:55 GMT
Overview
In February 2024, Rapid7’s vulnerability research team identified two new vulnerabilities affecting JetBrains TeamCity CI/CD server:
CVE-2024-27198 is an authentication…