10 min
Managed Detection and Response (MDR)
Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz
The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler
McGraw, Sarah Lee, and Thomas Elkins.
Executive Summary
On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious
activity in a customer environment. Our investigation identified that the
suspicious behavior was emanating from the installation of Notezilla, a program
that allows for the creation of sticky notes on a Windows desktop. Installers
for Notezilla, along with tools called RecentX and
10 min
Managed Detection and Response (MDR)
Malvertising Campaign Leads to Execution of Oyster Backdoor
Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.
4 min
Security Operations (SOC)
Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps and Augment MDR Services
At Rapid7, we are pioneering the infusion of artificial intelligence (AI) into our platform and service offerings, transforming the way security operations centers (SOCs) around the globe operate.
10 min
Managed Detection and Response (MDR)
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack
Justice AV Solutions (JAVS) is a U.S.-based company specializing in digital audio-visual recording solutions for courtroom environments.
Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk and should take immediate action.
3 min
Managed Detection and Response (MDR)
5 key MDR differentiators to look for to build stronger security resilience
Organizations looking to address the skills gap and bring greater efficiency as their business grows and their attack surface sprawls are turning to MDR providers at an accelerated pace. We’ve seen predictions from top analyst firms signaling the rapid rate of adoption of an MDR provider by 2025.
15 min
Managed Detection and Response (MDR)
Ongoing Malvertising Campaign Leads to Ransomware
Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to typo squatted domains.
8 min
Incident Response
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Rapid7 observes ongoing social engineering campaign consistent with Black Basta
7 min
Research
Stories from the SOC Part 2: MSIX Installer Utilizes Telegram Bot to Execute IDAT Loader
In part one of our blog series, we discussed how a Rust based application was used to download and execute the IDAT Loader. In part two of this series, we will be providing analysis of how an MSIX installer led to the download and execution of the IDAT Loader.
5 min
Managed Detection and Response (MDR)
What’s New in Rapid7 Products & Services: Q1 2024 in Review
We kicked off 2024 with a continued focus on bringing security professionals the tools and functionality needed to anticipate risks, pinpoint threats, and respond faster with confidence.
10 min
Malware
Stories from the SOC Part 1: IDAT Loader to BruteRatel
Rapid7’s Managed Detection and Response (MDR) team continuously monitors our customers' environments, identifying emerging threats and developing new detections.
7 min
Incident Response
RCE to Sliver: IR Tales from the Field
Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source of multiple malware executions.
3 min
Digital Risk Protection (DRP)
Four Key Benefits of Rapid7’s New Managed Digital Risk Protection Service
Cybercrime has boomed to the third largest economy in the world behind the US and China, with much of the most nefarious behavior on the dark web. Monitoring it effectively can be the key to identifying the earliest signals of an attack – and the difference between a minor event and a major breach.
2 min
Security Operations (SOC)
Attackers are Working Around The Clock. Luckily, So Are We.
With the average cost of a breach at an all time high of $4.45 million, there’s an undeniable need for teams to enlist the right experts to quickly eradicate threats.
4 min
MSSP
When Maximum Effort Doesn't Equate to Maximum pg电子
It’s no secret that security teams are feeling beleaguered as a result of the barrage of data, events, and alerts generated by their security tools, increased budget scrutiny and constrained staff resources.
2 min
Managed Detection and Response (MDR)
Proactively Prevent Breaches with Expanded Endpoint Protection in Rapid7 MDR
Rapid7 has expanded Managed Threat Complete to include native NGAV and DFIR powered by our universal Insight Agent.