Chief Scientist at Rapid7 (ex McAfee) | Cloud Security Alliance - Chief Innovation Officer | Co-author of Smart Grid Cyber Book & CSA Guide to Cloud | Advisor Europol European Cybercrime Centre (EC3)
Twitter: twitter.com/Raj_Samani
LinkedIn: www.linkedin.com/in/rajsamani

More on the Cisco SD-WAN 0day on the latest Hacktics and Telemetry podcast with @fulmetalpackets https://www.youtube.com/watch?v=tg4TkzDIrKw

#infosec #vulnerability

Hacktics and Telemetry, E6: Cisco SD-WAN Zero-Days, Mythos AI Evaluations, and Pwn2Own Drama

YouTube

We’re happy to announce that Metasploit Framework had a big week, landing seven new modules alongside various bug fixes and enhancements

https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-04-17-2026/

#metasploit #vulnerability

Metasploit Wrap-Up 04/17/2026

The Metasploit Framework received a major update, introducing seven new modules alongside various bug fixes and enhancements. Four new Remote Code Execution (RCE) exploit modules were added this week. These RCE modules target critical vulnerabilities in AVideo (unauthenticated SQLi for credential dumping), openDCIM (chained SQLi to RCE), ChurchCRM (file upload RCE), and a unified module for unauthenticated Selenium Grid/Selenoid instances. For post-exploitation, three new Windows persistence techniques are now available. These new persistence modules abuse the Windows Telemetry scheduled task, PowerShell profiles, and Microsoft BITS jobs to maintain system access. The update was rounded out with 11 general enhancements, including RISC-V Linux support for fileless payloads, and four resolved bugs.

Rapid7
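An added example, not from the Rapid7 wrap-up and not the Metasploit modules' own code: a PowerShell audit of the three persistence locations the wrap-up names (the Windows Telemetry scheduled task, PowerShell profiles, BITS jobs), for defenders who want to check a host. It assumes an elevated prompt on Windows 10/11, that the telemetry technique hooks the AppCompatFlags\TelemetryController registry key (how the publicly documented variant works; the page does not state the modules' exact mechanics), and that Get-BitsTransfer exposes a NotifyCmdLine property on its job objects.

```powershell
# Added example (not from the Rapid7 wrap-up or the Metasploit modules).
# Audits the three persistence locations named in the wrap-up. Run elevated.

# 1. Windows Telemetry task. CompatTelRunner.exe (launched by the "Microsoft
#    Compatibility Appraiser" task) executes the Command value found under
#    TelemetryController\<subkey>. Assumption: that is the vector in use;
#    a clean host normally has no subkeys here.
$telemetryKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\TelemetryController'
if (Test-Path $telemetryKey) {
    Get-ChildItem $telemetryKey | ForEach-Object {
        $props = Get-ItemProperty -Path $_.PSPath
        [pscustomobject]@{
            Source  = 'TelemetryController'
            Name    = $_.PSChildName
            Command = $props.Command
        }
    }
}
# Confirm the task's actions still point at CompatTelRunner.exe and nothing else.
Get-ScheduledTask -TaskPath '\Microsoft\Windows\Application Experience\' -ErrorAction SilentlyContinue |
    Select-Object TaskName, State,
        @{ Name = 'Action'; Expression = { ($_.Actions | ForEach-Object { "$($_.Execute) $($_.Arguments)" }) -join '; ' } }

# 2. PowerShell profiles. Every profile script that exists runs at shell start
#    (Windows PowerShell and PowerShell 7, all-hosts and host-specific), so
#    enumerate the machine-wide paths plus each user's Documents folder.
$profilePaths = @(
    "$env:SystemRoot\System32\WindowsPowerShell\v1.0\profile.ps1",
    "$env:SystemRoot\System32\WindowsPowerShell\v1.0\Microsoft.PowerShell_profile.ps1",
    "$env:ProgramFiles\PowerShell\7\profile.ps1",
    "$env:ProgramFiles\PowerShell\7\Microsoft.PowerShell_profile.ps1"
)
foreach ($dir in (Get-ChildItem 'C:\Users' -Directory -ErrorAction SilentlyContinue)) {
    foreach ($sub in 'Documents\WindowsPowerShell', 'Documents\PowerShell') {
        foreach ($name in 'profile.ps1', 'Microsoft.PowerShell_profile.ps1') {
            $profilePaths += Join-Path $dir.FullName (Join-Path $sub $name)
        }
    }
}
$profilePaths | Where-Object { Test-Path $_ } | ForEach-Object {
    [pscustomobject]@{
        Source        = 'PowerShellProfile'
        Path          = $_
        LastWriteTime = (Get-Item $_).LastWriteTime
        Preview       = (Get-Content $_ -TotalCount 3) -join ' | '
    }
}

# 3. BITS jobs. A job's notification command line runs when the transfer
#    completes or errors, which is what makes BITS a persistence vector.
#    Assumption: the job object exposes NotifyCmdLine (otherwise the column is blank;
#    fall back to "bitsadmin /list /allusers /verbose").
Import-Module BitsTransfer
Get-BitsTransfer -AllUsers -ErrorAction SilentlyContinue |
    Select-Object DisplayName, JobState, OwnerAccount, CreationTime, NotifyCmdLine
```

Anything returned by the first block, a profile script nobody on the host remembers writing, or a BITS job with a non-empty NotifyCmdLine is worth pulling for triage; the audit reports, it does not remediate.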
Want my thoughts on Anthropic's Mythos risk vs hype, how I use AI to bypass identity verification systems now, & more?
Tune in for Rapid7's 2026 Global Cybersecurity Summit keynote panel on 5/12 with @gcluley, @Raj_Samani and @brianhonan.
Join me here: https://rapid7.brighttalk.com
Our latest @rapid7 analysis details Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server https://www.rapid7.com/blog/post/2024/01/19/etr-critical-cves-in-outdated-versions-of-atlassian-confluence-and-vmware-vcenter-server/
Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server | Rapid7 Blog

Rapid7
Our latest Rapid7 Labs publication details an assessment of the #ransomware landscape, detailing the most common threat groups and the common patterns and methodologies observed in the majority of ransomware attacks: https://www.rapid7.com/blog/post/2024/01/12/2023-ransomware-stats-a-look-back-to-plan-ahead/ #infosec #cybersecurity H/T @ChristiaanB
2023 Ransomware Stats: A Look Back To Plan Ahead | Rapid7 Blog

As we step into 2024, the first victims of ransomware attacks are already being reported. What can the 2023 ransomware stats tell us about the year that was, and how can we use them to plan for the year ahead?

Rapid7
We are hiring! Great opportunity to join the vulnerability and exploit research team. More details here: https://careers.rapid7.com/jobs/lead-security-researcher-united-states #infosec #infosecjobs
Lead Security Researcher - United States

Location: Remote (U.S.). Lead Security Researcher - Vulnerability Research. Rapid7's vulnerability and exploit research team does industry-leading attack research that prioritizes and uncovers risk for organizations worldwide. We’re looking for an experienced vulnerability researcher to contribute to overall research strategy and execution, helping defenders get ahead of the curve on emergent threats and keeping Rapid7 top of mind for industry audiences. You’ll work with a skilled group of technical leads to define and deliver on long-term priorities, evolving strategy where needed. About the Team: Rapid7 vuln researchers find and publish zero-day vulnerabilities, write in-depth analyses of n-day bugs, develop Metasploit modules, identify patterns in...

Our latest @rapid7 analysis details CVE-2023-47246, a zero-day path traversal vulnerability affecting on-premise SysAid servers, including IoCs and a @velocidex artifact: https://www.rapid7.com/blog/post/2023/11/09/etr-cve-2023-47246-sysaid-zero-day-vulnerability-exploited-by-lace-tempest/ #infosec
CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest | Rapid7 Blog

Rapid7
Our latest @rapid7 advisory details CVE-2023-20198: Active Exploitation of Cisco IOS XE Zero-Day Vulnerability, with IoCs and observed attacker behaviour included: https://www.rapid7.com/blog/post/2023/10/17/etr-cve-2023-20198-active-exploitation-of-cisco-ios-xe-zero-day-vulnerability/
Active Exploitation of Cisco IOS XE Zero-Day Vulnerability | Rapid7 Blog

On October 16, Cisco’s Talos group released a blog on an active threat campaign exploiting CVE-2023-20198, a zero-day vuln in Cisco IOS XE software.

Rapid7
We have now posted our @rapid7 analysis into CVE-2023-40044, a .NET deserialization vulnerability affecting the Ad Hoc Transfer module of WS_FTP Server. Now available on @AttackerKb https://attackerkb.com/topics/bn32f9sNax/cve-2023-40044/rapid7-analysis
CVE-2023-40044 | AttackerKB

On September 27, 2023, Progress Software disclosed CVE-2023-40044, a .NET deserialization vulnerability affecting the Ad Hoc Transfer module of WS_FTP Server, a…

AttackerKB
We are seeing multiple instances of WS_FTP exploitation in the wild. Further details of this and of the vulnerabilities in the advisory, two of which are critical (CVE-2023-40044 and CVE-2023-42657), are available in our Rapid7 advisory: https://www.rapid7.com/blog/post/2023/09/29/etr-critical-vulnerabilities-in-ws_ftp-server/
Critical Vulnerabilities in WS_FTP Server | Rapid7 Blog

Rapid7