How NodeZero Enhances Cybersecurity

The FBI has warned that cybercriminals were selling stolen credentials information from higher education organizations on Russian hacker forums.

Digital transformation of healthcare can lead to better treatments, improved outcomes, and reduced costs for healthcare organizations.

Horizon3.ai experts were in the news this week on topics ranging from the future of penetration testing, the Atlassian Confluence flaw, AI.

Introduction On Thursday, 16 February 2023, Fortinet released a PSIRT that details CVE-2022-39952, a critical vulnerability affecting its FortiNAC product. This vulnerability, discovered by Gwendal Guégniaud of Fortinet, allows an unauthenticated attacker to write...

Introduction The recent VMware VMSA describes four new CVEs affecting VMware vRealize Log Insight, reported by ZDI. Three of these CVEs can be combined to give an attacker remote code execution as root. This vulnerability is exploitable in the default configuration...

The FBI has warned that cybercriminals were selling stolen credentials information from higher education organizations on Russian hacker forums.

Digital transformation of healthcare can lead to better treatments, improved outcomes, and reduced costs for healthcare organizations.

Horizon3.ai experts were in the news this week on topics ranging from the future of penetration testing, the Atlassian Confluence flaw, AI.

Join us in side-saddling on an attacker’s journey with Noah King to become an ethical hacker!

Which is more valuable to you; the ability to identify a problem, or the ability to solve the problem? There is a plethora of vulnerability scanning tools that do a decent job identifying vulnerabilities. Unfortunately, those tools rarely discern the possible from the exploitable.

On January 28, 2022, CEO and Co-founder Snehal Antani sat down with host David Raviv of NY Information Security Meetup for an insightful fireside chat. They discussed Snehal's career as former CTO of Splunk and JSOC, his inspiration for starting Horizon3, and his outlook on the future of cyber warfare. Learn about: - Employing a defense strategy w/ multiple layers...

Log4Shell is a "once-in-a-decade" type of vulnerability that will linger in environments for years to come. For a vulnerability with such a broad, lasting impact, it's important to establish a principled and disciplined approach for discovering and remediating it. NodeZero both detects and exploits Log4Shell, surfacing a wealth of information that can be used to understand its real impact and...

Understanding Log4Shell: the Apache log4j2 Remote Code Execution Vulnerability (CVE-2021-44228)

During our assessment of the ResourceSpace code base, we found three new vulnerabilities that could be exploited by an unauthenticated attacker. The most critical is CVE-2021-41765, a pre-auth SQL injection that an attacker can abuse to gain remote code execution (RCE) privileges on the ResourceSpace server.

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

No Results Found

No Results Found

No Results Found

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

No Results Found

No Results Found

No Results Found

Research Blog

Filters