How NodeZero Enhances Cybersecurity

Horizon3.ai Senior Engineer Noah King discusses the journey of obtaining an Offensive Security Certified Professional (OSCP) certification. Whether you’re a cybersecurity enthusiast or a beginner looking to explore the field, you’ll learn tips and tricks to help you navigate the certification process, including:

– How to get started in Offensive Security with little or no prior experience.
– An understanding of what it takes to obtain your OSCP.
– Tips and tricks on what helped Noah pass OSCP.

Horizon3.ai CEO Snehal Antani discuss several real-world examples of what autonomous pentesting discovered in networks just like yours. You’ll hear more about how fast and easy it was to safely compromise some of the biggest (and smallest) networks in the world – with full domain takeover in a little more than a few hours. Learn how you can safely do the same in your own network today!

I exploited the Mirai machine from Hack The Box using the same technique used by the infamous Mirai malware.

On January 22, 2024 Fortra posted a security advisory for their GoAnywhere MFT product. This advisory details an authentication bypass vulnerability, CVE-2024-0204, that allows an unauthenticated attacker to create an administrative user for the application. Customers...

Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability, CVE-2023-43208. If you’re a user of Mirth Connect, you’ll want to upgrade to the latest patch release, 4.4.1, as of this writing.

Introduction Back in Aug. 2023 we released an advisory for CVE-2023-39143, a critical vulnerability that affects Windows installs of the PaperCut NG/MF print management software. Attackers can exploit this vulnerability to download and delete arbitrary files, and in...

Businesswire: 09/27/22 Horizon3.ai announced it has expanded its partner program to include new rewards, incentives, training, and tools to help partners drive more recurring revenue. The mission of the Horizon3.ai Partner Program is to drive growth opportunities for...

Businesswire: 08/22/22 Horizon3.ai announced that it has been recognized as an Excellence Award winner in the Most Promising Early-Stage Startup category for the 2022 SC Awards. Now in its 25th year, the industry awards program is cybersecurity’s most prestigious and...

Business Wire: 06/29/22 Horizon3.ai, a cybersecurity firm focused on autonomous penetration testing, announced today that Midsize Enterprise Services (MES), a brand of The Channel Company, has recognized Horizon3.ai on its 2022 MES Matters - Key Vendors Serving the...

– How to get started in Offensive Security with little or no prior experience.
– An understanding of what it takes to obtain your OSCP.
– Tips and tricks on what helped Noah pass OSCP.

I exploited the Mirai machine from Hack The Box using the same technique used by the infamous Mirai malware.

Introduction In December 2022, we competed at our first pwn2own. We were able to successfully exploit the Lexmark MC3224i using a command injection 0-day. This post will detail the process we used to discover, weaponize, and have some fun with this vulnerability. You can find our POC here. Printer Acquisition It was rather difficult to acquire the Lexmark MC3224adwe. So...

Last Watchdog Editor-In-Chief Byron Acohido interviews Horizon3.ai CEO Snehal Antani about advanced pentesting tools and services.

Summary CVE-2023-39143 is a critical vulnerability we disclosed to PaperCut that affects the widely used PaperCut NG/MF print management software. It affects PaperCut NG/MF running on Windows, prior to version 22.1.3. If you are a user of PaperCut on Windows, and have it exposed to the Internet, we recommend you check out the July 2023 PaperCut security bulletin and immediately...

Art Ocain, Field CISO at Airiam, and Naveen Sunkavally, Chief Architect at Horizon3.ai join forces in this webinar, where you will gain an in-depth understanding of threat actors and their tactics through a LIVE attack simulation.

In Horizon3.ai's three years of operation, we have conducted more than 15,000 pentests yielding results for our clients and data for our engineers. Join our CEO, Snehal Antani, for stories from the trenches. This month we'll take a look at the Log4shell example, and learn about how the distinction between being vulnerable and being exploitable is so important. During this...

Over the last week, the widely reported critical security flaw in the Progress MOVEit Transfer application (CVE-2023-34362) reminded us yet again to remain vigilant in securing our IT infrastructure from potential cyber threat actors.

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

Research Blog

Filters