14 min
Patch Tuesday
Patch Tuesday - January 2025
Eight 0-days. Access: triple zero-day RCE; Hyper-V NT Kernel Integration VSP: triple zero-day EoP; Windows Themes: zero-day NTLM disclosure; Windows Installer: zero-day EoP; PGM: critical RCE; OLE: critical RCE.
3 min
Metasploit
Metasploit Wrap-Up 01/10/2025
New module content (5)
OneDev Unauthenticated Arbitrary File Read
Authors: Siebene and vultza
Type: Auxiliary
Pull request: #19614
contributed by vultza
Path: gather/onedev_arbitrary_file_read
AttackerKB reference: CVE-2024-45309
Description: This adds an exploit module for an unauthenticated arbitrary file
read vulnerability, tracked as CVE-202
2 min
Security Operations (SOC)
Securing Success: Stories from the SOC Webinar Series
Cyberattacks are evolving, threat volumes are skyrocketing, and attackers are exploiting vulnerabilities faster than ever. To navigate these challenges, Rapid7 has launched the "Securing Success: Stories from the SOC" webinar series.
2 min
Artificial Intelligence
Unlocking the Power of AI in Cybersecurity: Key Takeaways from Our Latest Webinar
In our recent webinar, "Enhancing MDR with AI: Real-World Use Cases & Security Insights," cybersecurity and AI experts shared their perspectives on how advancements in artificial intelligence are reshaping security operations.
2 min
Career Development
Built In Honors Rapid7 with “2025 Best Places To Work” Award
3 Rapid7 Offices Included in Built In’s “Best Places to Work” Lists.
2 min
Research
New Research: Enhancing Botnet Detection with AI using LLMs and Similarity Search
As botnets continue to evolve, so do the techniques required to detect them.
2 min
Emergent Threat Response
CVE-2025-0282: Ivanti Connect Secure Zero-Day Exploited in the Wild
Two stack-based buffer overflow issues were disclosed in Ivanti Connect Secure, Policy Secure, and Neurons for ZTA. CVE-2025-0282, the more severe of the two issues, has been exploited in the wild against Ivanti Connect Secure devices.
2 min
Awards
Rapid7 Recognized with Top Score of 100 in 2025 Corporate Equality Index
On January 7, the Human Rights Campaign Foundation released their 2025 Corporate Equality Index (CEI), where Rapid7 earned a top score of 100.
5 min
IoT
Out With the Old, In With the New: Securely Disposing of Smart Devices
Hopefully you received some cool smart technology, or maybe you just upgraded your smart camera or voice assistant to a newer model or version. If you upgraded to a new model or version, what is your plan for the old device? Is it still working or is it broken?
11 min
Metasploit
Metasploit 2024 Annual Wrap-Up
Another year has come and gone, and the Metasploit team has taken some time to
review the year’s notable additions. This year saw some great new features
added, Metasploit 6.4 released
and a slew of new modules. We’re grateful to the community members new and old
that have submitted modules and issues this year. The real privilege escalation
was the privilege of working with the contributors and friends we made alo
2 min
Metasploit
Metasploit Weekly Wrap-Up 12/20/2024
New module content (4)
GameOver(lay) Privilege Escalation and Container Escape
Authors: bwatters-r7, g1vi, gardnerapp, and h00die
Type: Exploit
Pull request: #19460
contributed by gardnerapp
Path: linux/local/gameoverlay_privesc
AttackerKB reference: CVE-2023-2640
Description: Adds a module for CVE-2023-2640 and CVE-2023-32629, a local
privil
6 min
Product Updates
What’s New in Rapid7 Products & Services: Q4 2024 in Review
Below, we’ve highlighted key releases and updates from the quarter across our products and services, including the new Platform Home Navigation experience, extensibility enhancements to Exposure Command and Surface Command, expanded MXDR support, and 2024 threat landscape trends from Rapid7 Labs.
5 min
Career Development
Take Command of Your Career: Practicing Self-Advocacy as a Woman in Tech
As the year draws to a close, it’s essential—and often expected—to reflect on our achievements and lessons learned in preparation for annual performance reviews and setting future goals.
8 min
Labs
2024 Threat Landscape Statistics: Ransomware Activity, Vulnerability Exploits, and Attack Trends
In this blog, the global experts across our Rapid7 Labs and Managed Services teams share real-time vulnerability insights and threat intelligence so that our customers can anticipate and prevent breaches, pinpoint critical threats, and confidently take command of their attack surface.
4 min
Metasploit
Metasploit Weekly Wrap-Up 12/13/2024
It’s raining RCEs!
It's the second week of December and the weather forecast announced another
storm of RCEs in Metasploit-Framework land. This weekly release includes RCEs
for Moodle e-Learning platform, Primefaces, WordPress Really Simple SSL and
CyberPanel along with two modules to change password through LDAP and SMB
protocol.
New module content (7)
Change Password
Author: smashery
Type: Auxiliary
Pull request: #19671
contributed