Posts tagged Detection and Response

10 min Managed Detection and Response (MDR)

Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler McGraw, Sarah Lee, and Thomas Elkins. Executive Summary: On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Our investigation found that suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes on a Windows desktop. Installers for Notezilla, along with tools called RecentX and

10 min Managed Detection and Response (MDR)

Malvertising Campaign Leads to Execution of Oyster Backdoor

Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.

10 min Managed Detection and Response (MDR)

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

Justice AV Solutions (JAVS) is a U.S.-based company specializing in digital audio-visual recording solutions for courtroom environments. Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk and should take immediate action.

5 min Gartner

Rapid7 Recognized in the 2024 Gartner® Magic Quadrant™ for SIEM

Rapid7 is excited to share that we are named a Challenger for InsightIDR in the 2024 Gartner Magic Quadrant for SIEM.

8 min Incident Response

Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators

Rapid7 observes an ongoing social engineering campaign consistent with Black Basta

11 min Velociraptor

Velociraptor 0.7.2 Release: Digging Deeper than Ever with EWF Support, Dynamic DNS and More

Rapid7 is very excited to announce that version 0.7.2 of Velociraptor is now fully available for download. In this post we’ll discuss some of the interesting new features.

7 min Incident Response

RCE to Sliver: IR Tales from the Field

Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source of multiple malware executions.

10 min Velociraptor

Velociraptor 0.7.1 Release

Rapid7 is excited to announce that version 0.7.1 of Velociraptor is live and available for download. There are several new features and capabilities that add to the power and efficiency of this open-source digital forensic and incident response (DFIR) platform.

5 min Vulnerability Management

Mastering Industrial Cybersecurity: The Significance of Combining Vulnerability Management with Detection and Response

The convergence of operational technology (OT) and information technology (IT) has ushered in new efficiencies but has also exposed vulnerabilities. This article explores the pivotal role of Vulnerability Management and Detection and Response (VM/DR) in the realm of Industrial Cybersecurity.

3 min Cloud Security

Rapid7 Introduces AI-driven Cloud Anomaly Detection

AWS re:Invent, Amazon Web Services’ annual mega-conference, will soon kick off in Las Vegas and there are sure to be a ton of new cloud security innovations, including Rapid7's new capability - Cloud Anomaly Detection.

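4 min Detection and Response

What's New in Rapid7 Detection & Response: Q3 2023 in Review

Rapid7 has updated its Detection and Response offerings with advanced DFIR capabilities, custom detection rules, log search capabilities, and more.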

11 min Detection and Response

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers

Rapid7 has observed the Fake Browser Update lure utilizing a sophisticated new loader to execute infostealers.

7 min Emergent Threat Response

Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs

Rapid7’s managed detection and response (MDR) teams have observed increased threat activity targeting Cisco ASA SSL VPN appliances (physical and virtual) dating back to at least March 2023, including several incidents that ended in ransomware deployment.

2 min Velociraptor

Join us for VeloCON 2023: Digging Deeper Together!

Rapid7 is thrilled to announce that the 2nd annual VeloCON: Digging Deeper Together virtual summit will be held this September 13th at 9 am ET.

4 min Detection and Response

What's New in Rapid7 Detection & Response: Q2 2023 in Review

Rapid7 is excited to share another quarter of new Detection & Response capabilities and improvements.