Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is a good piece of software and helpful for protecting non-kernel Microsoft applications and third-party software, but the protection it offers can also be bypassed completely if the attackers know what they are doing, claim researchers from security firm Bromium.
LogRhythm and Rapid7 announced API-level integrations of the LogRhythm SIEM 2.0 platform with both the Rapid7 Nexpose vulnerability management product and the Rapid7 Metasploit Pro penetration testing solution.
Rapid7 is working with Offensive Security to provide official Metasploit support for Kali Linux, the enterprise-ready evolution of BackTrack Linux.
Rapid7 released a new version of Metasploit Pro, which introduces advanced capabilities to simulate social engineering attacks.
Two websites belonging to the Nepalese government have been injected with malicious code that tries to take advantage of a Java vulnerability (CVE-2012-0507) in order to download a backdoor RAT on the visitors' machines, Websense warns.