Dark Reading

New Tool Exposes Stealthy Metasploit Hack

Researchers will release an open source tool at Black Hat USA that helps forensics investigators reconstruct attacks that use a popular Metasploit payload to covers its tracks. Mandiant's Steve Davis ...
Dark Reading

Expired Redis Service Abused to Use Metasploit Meterpreter Maliciously

Attackers are using an 8-year-old version of the Redis open-source database server to maliciously use Metasploit's Meterpreter module to expose exploits within a system, potentially allowing for ...
ZDNet

Security tool more harmful than helpful?

On Wednesday, the project released an updated design framework to the Metasploit tool, which allows security experts to check computers on their networks and identify those vulnerable to newly ...
Bleeping Computer

Hackers exploit ProjectSend flaw to backdoor exposed servers

Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. The flaw, tracked as CVE-2024-11680, is a ...
ZDNet

BlueKeep exploit to get a fix for its BSOD problem

Currently, the only public proof-of-concept exploit code for the infamous BlueKeep vulnerability is a module for the Metasploit penetration testing framework. The BlueKeep Metasploit module was put ...
Bleeping Computer

Metasploit 6.2.0 improves credential theft, SMB support features, more

Metasploit 6.2.0 has been released with 138 new modules, 148 new improvements/features, and 156 bug fixes since version 6.1.0 was released in August 2021. Metasploit is a penetration testing framework ...
InfoWorld

More IE security woes: Attacks appear imminent as exploit is improved

Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft’s Internet Explorer, making it more reliable — and more likely to be used by criminals. Security ...