Horizon3.ai
Horizon3.ai

Research Blog

Welcome to our cybersecurity research blog where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.

Here you’ll find extensive research and insight from the well-known Horizon3.ai attack team, intuitive perspectives on everything security, and real-world attack path short stories that come directly from discoveries made by NodeZero.

Filters

Categories
Tags

Showing 67–72 of 161 results

War Stories from 15K Pentests: With Log4shell, Vulnerable ≠ Exploitable

In Horizon3.ai's three years of operation, we have conducted more than 15,000 pentests yielding results for our clients and data for our engineers. Join our CEO, Snehal Antani, for stories from the trenches. This month we'll take a look at the Log4shell example, and learn about how the distinction between being vulnerable and being exploitable is so important. During this...
Read More

MOVEit Transfer CVE-2023-34362 Deep Dive and Indicators of Compromise

On May 31, 2023, Progress released a security advisory for their MOVEit Transfer application which detailed a SQL injection leading to remote code execution and urged customers to update to the latest version. The vulnerability, CVE-2023-34362, at the time of release was believed to have been exploited in-the-wild as a 0-day dating back at least 30 days. Soon after publication,...
Read More

Clients Want Assessments to Prove Service Efficacy

Gartner® recently published a report called, Emerging Tech: Grow Your Security Service Revenue with Cybersecurity Validations. We believe the report provides research from a buyer’s perspective on security services they purchase while offering guidance to MSPs and MSSPs on how to improve retention and upsell rates of the critical services they provide. So, what has Gartner discovered, and what do...
Read More

CISA’s Ransomware Vulnerability Awareness Pilot: But Is It Enough?

In early 2023, CISA launched their Ransomware Vulnerability Awareness Pilot (RVWP). It’s designed to warn critical infrastructure (CI) entities that their systems have exposed vulnerabilities that may be exploited by ransomware threat actors. The plan is to identify affected systems that may be prevalent in CI networks, then notify operators about potential risk of exploitation. The idea behind this is...
Read More