IBM Aspera Faspex servers are being targeted by ransomware gangs
A vulnerability in IBM Aspera Faspex servers is being actively exploited by ransomware criminals, researchers warn.
Hackers are exploiting a critical vulnerability in an IBM file-exchange application. According to security researchers, the criminals are using the flaw to install ransomware on se... Read more
Rapid7 discovers critical vulnerability in Zyxel firewalls
Rapid7 researchers discovered a critical vulnerability in various Zyxel firewalls. The vulnerability allows hackers to breach firewalls by remotely executing a command injection via the firewalls' management interface.
According to the security specialist, the vulnerability (CVE-2022-30525) is r... Read more
WAF and API Gateways are no match for API security leaks
The importance of API security is constantly exemplified. Last week, Rapid7 discovered a leak in GitLab's GraphQL API. The security researchers managed to retrieve personal data without authorization. Although the leak has since been plugged, the incident points to a larger problem.
GraphQL is a... Read more
Rapid7 acquires IntSights to gain ‘outside the wire’ capabilities
Rapid7, the security automation technology firm, announced that it will pay $335 million in cash and stock to buy the New York-based, privately-held firm, IntSights. The purpose of this acquisition is so Rapid7 can protect customers even before an attack reaches the perimeter.
In a press release... Read more
Rapid 7 finds four important vulnerabilities in Sage Business Cloud X3
Rapid7 released important details regarding four vulnerabilities found in SageX3. One has even been rated as critical. Sage has developed patches for three of the vulnerabilities which have been accessible since March.
What vulnerabilities did Rapid7 find?
Rapid7 disclosed details regarding t... Read more
Rapid7 reveals it suffered a software supply chain breach
The hack happened after the company used software from auditing company Codecov.
Cybersecurity firm Rapid7 announced this week that it has been the victim of a software supply chain breach. The incursion resulted in compromising customer data and partial source code that an attacker obtained by ... Read more
Cybersecurity company Rapid7 acquires Velociraptor
Rapid7 has announced that it has acquired Velociraptor. The organisation develops the open-source platform of the same name for cybersecurity monitoring. It is not known how was paid for the acquisition.
Velociraptor, not to be confused with the hard drives, is a platform that was founded by for... Read more