Chief Scientist at Rapid7 (ex McAfee) | Cloud Security Alliance - Chief Innovation Officer | Co-author of Smart Grid Cyber Book & CSA Guide to Cloud | Advisor Europol European Cybercrime Centre (EC3)
Twitter: twitter.com/Raj_Samani
LinkedIn: www.linkedin.com/in/rajsamani
Our latest Rapid7 Labs publication details an assessment of the #ransomware landscape detailing the most common threat groups and the common patterns and methodologies observed in the majority of ransomware attacks: https://www.rapid7.com/blog/post/2024/01/12/2023-ransomware-stats-a-look-back-to-plan-ahead/ #infosec #cybersecurity H/T @ChristiaanB
2023 Ransomware Stats: A Look Back To Plan Ahead | Rapid7 Blog

As we step into 2024, the first victims of ransomware attacks are already being reported. What can the 2023 ransomware stats tell us about the year that was, and how can we use them to plan for the year ahead?

Rapid7
Our latest analysis details CVE-2023-35082, a new vulnerability that allows unauthenticated attackers to access the API in older unsupported versions of MobileIron Core (11.2 and below). https://www.rapid7.com/blog/post/2023/08/02/cve-2023-35082-mobileiron-core-unauthenticated-api-access-vulnerability/ #infosec #cybersecurity
CVE-2023-35082 MobileIron Core Unauthenticated API Access | Rapid7 Blog

Rapid7 discovered a new vulnerability that allows unauthenticated attackers to access the API in unsupported versions of MobileIron Core (11.2 and below).

Rapid7
Good News! Courtesy of @Kaspersky the availability of a free decryptor for Conti #ransomware - now available here: noransom.kaspersky.com/en/?tool=conti #malware #cybersecurity #infosec
Now available - our Rapid7 Vuln Intelligence report that found "56% of vulns in this report were exploited within seven days of public disclosure—a 12% rise over 2021 and an 87% rise over 2020" https://www.rapid7.com/info/vulnerability-intelligence-report-2022-edition/
The Annual Vulnerability Intelligence Report: 2022 Edition | Rapid7

In our annual vulnerability intelligence report, we analyzed 50 of 2022’s most notable vulnerabilities and attacks to highlight exploitation trends and help security practitioners prioritize.

Rapid7
Our latest research analyses evasion techniques observed by APT groups, includes links to hunting rules: https://www.rapid7.com/blog/post/2023/02/09/evasion-techniques-uncovered-an-analysis-of-apt-methods/ #malware #infosec #cybersecurity
Evasion Techniques Uncovered: An Analysis of APT Methods | Rapid7 Blog

In this piece, we look at DLL search order hijacking and DLL sideloading, which are commonly used by nation state sponsored attackers to evade detection.

Rapid7
Our analysis of CVE-2022-21587 now posted on @AttackerKb "easily exploitable vuln allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator" https://attackerkb.com/topics/Bkij5kK1qK/cve-2022-21587/rapid7-analysis #infosec #cybersecurity
CVE-2022-21587 | AttackerKB

Oracle E-Business Suite (EBS) is a packaged collection of enterprise applications for a wide variety of tasks such as customer relationship management (CRM), e…

AttackerKB
Our latest research details several issues in on-premises installations of open source and freemium Document Management System (DMS) offerings from four vendors. https://www.rapid7.com/blog/post/2023/02/07/multiple-dms-xss-cve-2022-47412-through-cve-20222-47419/ H/T @todb #infosec #cybersecurity
Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419) | Rapid7 Blog

Rapid7
Excellent work via @iagox86 who details our latest vulnerability disclosure detailing CVE-2023-22374: F5 BIG-IP Format String Vulnerability: https://www.rapid7.com/blog/post/2023/02/01/cve-2023-22374-f5-big-ip-format-string-vulnerability/ #infosec
CVE-2023-22374: F5 BIG-IP Format String Vulnerability | Rapid7 Blog

Rapid7 found an additional vulnerability in the appliance-mode REST interface. We are disclosing it in accordance with our vulnerability disclosure policy.

Rapid7
Delighted to confirm that @metasploit Framework 6.3 is now Released. Includes Native Kerberos authentication over HTTP, LDAP, MSSQL, SMB, and WinRM and much much more! https://www.rapid7.com/blog/post/2023/01/30/metasploit-framework-6-3-released/ #cybersecurity #infosec
Metasploit Framework 6.3 Released | Rapid7 Blog

Rapid7
Good News! The disruption of Hive #ransomware and the provision of a decryption key has "prevented the payment of more than USD 130 million or the equivalent of about EUR 120 million of ransom payments." https://www.europol.europa.eu/media-press/newsroom/news/cybercriminals-stung-hive-infrastructure-shut-down #malware #cybersecurity
Cybercriminals stung as HIVE infrastructure shut down | Europol

In the last year, HIVE ransomware has been identified as a major threat as it has been used to compromise and encrypt the data and computer systems of large IT and oil multinationals in the EU and the USA. Since June 2021, over 1 500 companies from over 80 countries worldwide have fallen victim to HIVE associates and lost almost...

Europol