How NodeZero Enhances Cybersecurity

Hear directly from two of Horizon3.ai’s founding engineers – Naveen Sunkavally, Chief Architect, and Rob Alderman, Data Architect – as they walk you through an exclusive tour of NodeZero’s latest product refresh.

On 10 March, Silicon Valley Bank (SVB) – a popular institution for the venture capital community in the Bay area – failed when venture capitalists (VCs) quickly started to pull money out of the 40-year-old bank, causing federal regulators to step in and shut its doors before more damage could be done. These are the perfect conditions for threat actors to steal several million dollars (and perhaps much more!).

My friends tell me it’s in vogue these days for pentesters to write up walk-throughs of challenge boxes from Hack The Box. So I decided to get into the game, starting with a machine called Blue. I hear it’s one of the easiest boxes on the platform. Nonetheless, I hope...

Introduction This post is a follow up to https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-theory-crafting/. Previously, we explored the patch for CVE-2023-20273 and CVE-2023-20198 affecting Cisco IOS XE and identified some likely vectors an attacker might have used...

Introduction There has been a lot of news around the recent Cisco IOS XE vulnerabilities CVE-2023-20198 and CVE-2023-2073. Information about this vulnerability was first published by Cisco on October 16th, 2023, and since then we have seen evidence of mass...

Summary CVE-2023-39143 is a critical vulnerability we disclosed to PaperCut that affects the widely used PaperCut NG/MF print management software. It affects PaperCut NG/MF running on Windows, prior to version 22.1.3. If you are a user of PaperCut on Windows, and have...

A series following Horizon3.ai teammate Brian Marr's “journey to secure” - detailing the logic and items that he uses to understand the business, current security state, and leadership visions for building an internal security program.

Last Watchdog Editor-in-chief Byron Acohido interviews Horizon3.ai's Snehal Antani (CEO) and Monti Knode (Director of Customer Success) about advanced penetration testing technologies.

In this episode, serial entrepreneur Hadi Radwan chats with Snehal Antani, the Founder of Horizon3.ai, a software company that mission is to help companies find and fix attack vectors before attackers can exploit them. Horizon3.ai has raised $38.5 million to date

Attackers don’t need to hack in – they log in. This is why we believe Credentials are the new RCE.

Introduction The recent VMware VMSA describes four new CVEs affecting VMware vRealize Log Insight, reported by ZDI. Three of these CVEs can be combined to give an attacker remote code execution as root. This vulnerability is exploitable in the default configuration for VMware vRealize Log Insight. We have successfully reproduced this exploit and would like to provide the technical details...

Introduction The recent VMware VMSA describes four new CVEs affecting VMware vRealize Log Insight. Three of these CVEs can be combined to give an attacker remote code execution as root. This vulnerability is exploitable in the default configuration for VMware vRealize Log Insight. CVE-2022-31704: VMware vRealize Log Insight broken access control Vulnerability CVE-2022-31711: VMware vRealize Log Insight contains an Information...

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

No Results Found

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

No Results Found

Research Blog

Filters