GitHub

acronis_cyber_protect_machine_info_disclosure.rb

which the agent then uses to authenticate to the appliance. As the management web console is running on the same port as the API for the agents, this bearer token is also valid for any actions on the ...
GitHub

manageengine_adaudit_plus_authenticated_rce.md

This module exploits security issues in ManageEngine ADAudit Plus prior to 7006 that allow authenticated users to execute arbitrary code by creating a custom alert profile and leveraging the custom ...
Bleeping Computer

Public BlueKeep Exploit Module Released by MetaSploit

A public exploit module for the BlueKeep Windows vulnerability has been added today to the open-source Metasploit penetration testing framework, developed by Rapid7 in collaboration with the ...
ZDNet

Metasploit, popular hacking and security tool, gets long-awaited update

The open-source Metasploit Framework 5.0 has long been used by hackers and security professionals alike to break into systems. Now, this popular system penetration testing platform, which enables you ...
ZDNet

Metasploit team releases BlueKeep exploit

The developers of the Metasploit penetration testing framework have released today a weaponized exploit for the BlueKeep Windows vulnerability. While other security researchers have released defanged ...
Network World

Metasploit Releases New Free Community Edition Building On Open Source Framework

Rapid7 the company who brings us the Metasploit penetration testing program is celebrating the 2 year anniversary of their acquisition of Metasploit with the release of a new free Community edition.
Ars Technica

Exploit for wormable BlueKeep Windows bug released into the wild

For months, security practitioners have worried about the public release of attack code exploiting BlueKeep, the critical vulnerability in older versions of Microsoft Windows that’s “wormable,” ...