10 min
Managed Detection and Response (MDR)
Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz
The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler
McGraw, Sarah Lee, and Thomas Elkins.
Executive Summary
On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious
activity in a customer environment. Our investigation found that the
suspicious behavior was emanating from the installation of Notezilla, a program
that allows for the creation of sticky notes on a Windows desktop. Installers
for Notezilla, along with tools called RecentX and
10 min
Managed Detection and Response (MDR)
Malvertising Campaign Leads to Execution of Oyster Backdoor
Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.
10 min
Managed Detection and Response (MDR)
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack
Justice AV Solutions (JAVS) is a U.S.-based company specializing in digital audio-visual recording solutions for courtroom environments.
Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk and should take immediate action.
5 min
Gartner
Rapid7 Recognized in the 2024 Gartner® Magic Quadrant™ for SIEM
Rapid7 is excited to share that we are named a Challenger for InsightIDR in the 2024 Gartner Magic Quadrant for SIEM.
8 min
Incident Response
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Rapid7 observes ongoing social engineering campaign consistent with Black Basta
11 min
Velociraptor
Velociraptor 0.7.2 Release: Digging Deeper than Ever with EWF Support, Dynamic DNS and More
Rapid7 is very excited to announce that version 0.7.2 of Velociraptor is now fully available for download. In this post we’ll discuss some of the interesting new features.
7 min
Incident Response
RCE to Sliver: IR Tales from the Field
Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source of multiple malware executions.
10 min
Velociraptor
Velociraptor 0.7.1 Release
Rapid7 is excited to announce that version 0.7.1 of Velociraptor is live and available for download. There are several new features and capabilities that add to the power and efficiency of this open-source digital forensic and incident response (DFIR) platform.
5 min
Vulnerability Management
Mastering Industrial Cybersecurity: The Significance of Combining Vulnerability Management with Detection and Response
The convergence of operational technology (OT) and information technology (IT) has ushered in new efficiencies but has also exposed vulnerabilities. This article explores the pivotal role of Vulnerability Management and Detection and Response (VM/DR) in the realm of Industrial Cybersecurity.
3 min
Cloud Security
Rapid7 Introduces AI-driven Cloud Anomaly Detection
AWS re:Invent, Amazon Web Services’ annual mega-conference, will soon kick off in Las Vegas and there are sure to be a ton of new cloud security innovations, including Rapid7's new capability - Cloud Anomaly Detection.
4 min
Detection and Response
What's New in Rapid7 Detection & Response: Q3 2023 in Review
Rapid7 has updated its Detection and Response offerings with advanced DFIR capabilities, custom detection rules, log search capabilities, and more.
11 min
Detection and Response
Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers
Rapid7 has observed the Fake Browser Update lure utilizing a sophisticated new loader to execute infostealers.
7 min
Emergent Threat Response
Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs
Rapid7’s managed detection and response (MDR) teams have observed increased threat activity targeting Cisco ASA SSL VPN appliances (physical and virtual) dating back to at least March 2023, including several incidents that ended in ransomware deployment.
2 min
Velociraptor
Join us for VeloCON 2023: Digging Deeper Together!
Rapid7 is thrilled to announce that the 2nd annual VeloCON: Digging Deeper Together virtual summit will be held this September 13th at 9 am ET.
4 min
Detection and Response
What's New in Rapid7 Detection & Response: Q2 2023 in Review
Rapid7 is excited to share another quarter of new Detection & Response capabilities and improvements.