6分钟
InsightIDR
Defense in Depth Using Deception Technology in InsightIDR
今天, we are diving into the four pieces of deception technology that Rapid7 offers through our incident detection 和 response tool, InsightIDR.
5分钟
研究
DOUBLEPULSAR over RDP: Baselining Badness on the Internet
How many internet-accessible RDP services have the DOPU implant installed? How much DOPU-over-RDP traffic do we see being sprayed across the internet?
2分钟
InsightIDR
Deception Technology in InsightIDR: Setting Up “粘蜜罐”
In order to overcome the adversary, we must first seek to underst和. By
underst和ing how attackers operate, 和 what today’s modern network looks like
from an attacker’s perspective, it’s possible to deceive an attacker, or at
least have warning around internal network compromise. 今天,我们来谈谈a
classic deception technology
[http://851y.ztrl.net/solutions/deception-technology/] that continues to
进化:蜜罐.
honeypot [http://851y.ztrl.net/fundamentals/honeypots/] are de
4分钟
InsightIDR
How to Identify Attacker Reconnaissance on Your Internal Network
The most vulnerable moment for attackers is when they first gain internal access
你的公司网络. In order to determine their next step, intruders must
perform reconnaissance to scout available ports, services, 和 assets from which
they can pivot 和 gain access to customer databases, credit card data, source
代码等等. These initial moments are arguably your best opportunities to
catch attackers before critical assets are breached, but unfortunately, it can
非常具有挑战性
4分钟
“粘蜜罐”
Apache Struts 脆弱性 (CVE-2017-5638) Exploit Traffic
UPDATE - March 10th, 2017: Rapid7 added a check that works in conjunction with
Nexpose's web spider functionality. This check will be performed against any
URIs discovered with the suffix “.action” (the default configuration for Apache
Struts应用程序). To learn more about using this check, read this post
[http://851y.ztrl.net/blog/post/2017/03/15/using-web-spider-to-detect-vulnerable-apache-struts-apps-cve-2017-5638/]
.
UPDATE - March 9th, 2017: Scan your network for this vulnerability
[http://
8分钟
Haxmas
12 Days of HaXmas: A HaxMas Carol
(Rapid7实验室的一个故事)
祝你圣诞快乐! Each year we mark the 12 Days of HaXmas
[http://851y.ztrl.net/blog/tag/haxmas/] with 12 blog posts on hacking-related
topics 和 roundups from the year. This year, we're highlighting some of the
“gifts” we want to give back to the community. And while these gifts may not
come wrapped with a bow, we hope you enjoy them.
Happy Holi-data from Rapid7实验室!
It's been a big year for the Rapid7 elves Labs team. 我们的近200个节点强
海森堡云
6分钟
“粘蜜罐”
蜜罐简介
剧情简介
With an ever-increasing number of methods 和 tactics used to attack networks,
the goal of securing a network must also continually expand in scope. 而
traditional methods such as IDS/IPS systems, DMZ’s, penetration testing 和
various other tools can create a very secure network, it is best to assume
vulnerabilities will always exist, 和 sooner or later, they will be exploited.
Thus, we need to continuously find innovative ways of countering the threats,
和 one such way is to depl
3分钟
InsightIDR
Detect Corporate Identity Theft with a New Intruder Trap: Honey Credentials
If you're only looking through your log files, reliably detecting early signs of
attacker reconnaissance can be a nightmare. 为什么这很重要?? 如果可以的话
detect 和 react to an intruder early in the attack chain, it's possible to kick
the intruder out before he or she accesses your critical assets. 这不是
only good for you (no monetary data is stolen), but it's also critical because
this is the only time in the chain that the intruder is at a disadvantage.
一旦攻击者有了i