10 min
Managed Detection and Response (MDR)
Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz
The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler McGraw, Sarah Lee and Thomas Elkins.
Executive Summary
On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Our investigation found that the suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes on a Windows desktop. The installer for Notezilla, along with tools called RecentX and
10 min
Managed Detection and Response (MDR)
Malvertising Campaign Leads to Execution of Oyster Backdoor
Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.
4 min
Security Operations (SOC)
Rapid7 Infuses Generative AI into the Insight Platform to Supercharge SecOps and Augment MDR Services
At Rapid7, we are pioneering the infusion of artificial intelligence (AI) into our platform and service offerings, transforming the way security operations centers (SOCs) around the globe operate.
10 min
Managed Detection and Response (MDR)
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack
Justice AV Solutions (JAVS) is a U.S.-based company specializing in digital audio-visual recording solutions for courtroom environments.
Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk and should take immediate action.
3 min
Managed Detection and Response (MDR)
5 key MDR differentiators to look for to build stronger security resilience
Organizations looking to address the skills gap and bring greater efficiency as their business grows and their attack surface sprawls are turning to MDR providers at an accelerated pace. We've seen predictions from top analyst firms signaling the rapid rate of adoption of an MDR provider by 2025.
15 min
Managed Detection and Response (MDR)
Ongoing Malvertising Campaign Leads to Ransomware
Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to typosquatted domains.
8 min
Incident Response
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Rapid7 observes an ongoing social engineering campaign consistent with Black Basta.
7 min
Research
Stories from the SOC Part 2: MSIX Installer Utilizes Telegram Bot to Execute IDAT Loader
In part one of our blog series, we discussed how a Rust-based application was used to download and execute the IDAT Loader. In part two of this series, we will provide analysis of how an MSIX installer led to the download and execution of the IDAT Loader.
5 min
Managed Detection and Response (MDR)
What's New in Rapid7 Products & Services: Q1 2024 in Review
We kicked off 2024 with a continued focus on bringing security professionals the tools and functionality needed to anticipate risks, pinpoint threats, and respond faster with confidence.
10 min
Malware
Stories from the SOC Part 1: IDAT Loader to BruteRatel
Rapid7's Managed Detection and Response (MDR) team continuously monitors our customers' environments, identifying emerging threats and developing new detections.
7 min
Incident Response
RCE to Sliver: IR Tales from the Field
Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source of multiple malware executions.
3 min
Digital Risk Protection (DRP)
Four Key Benefits of Rapid7's New Managed Digital Risk Protection Service
Cybercrime has boomed to the third largest economy in the world behind the US and China, with much of the most nefarious behavior on the dark web. Monitoring it effectively can be the key to identifying the earliest signals of an attack, and the difference between a minor event and a major breach.
2 min
Security Operations (SOC)
Attackers work around the clock. Fortunately, so do we.
With the average cost of a breach at an all-time high of $4.45 million, there's an undeniable need for teams to enlist the right experts to quickly eradicate threats.
4 min
MSSP
When Maximum Effort Doesn't Equate to Maximum pg电子
It's no secret that security teams are feeling beleaguered as a result of the barrage of data, events, and alerts generated by their security tools, increased budget scrutiny, and constrained staff resources.
2 min
Managed Detection and Response (MDR)
Proactively Prevent Breaches with Expanded Endpoint Protection in Rapid7 MDR
Rapid7 has expanded MDR to include native NGAV and DFIR powered by our universal Insight Agent.