Category: Disclosures | Page 2

NodeZero helps JTI Cybersecurity scale by automating penetration testing, finding vulnerabilities, and enhancing client security efficiently and effectively.

In an increasingly interconnected world, where digital technologies infiltrate every aspect of society, vulnerabilities in these systems can be exploited by malicious actors to disrupt emergency services, compromise sensitive information, or even endanger lives.

Horizon3.ai’s Stephen Gates & Legion Cyberworks CEO Clayton Dillard discuss Legion’s shift to managed services & blending #NodeZero for security.

A 8-step guide to strengthening cybersecurity post-breach with autonomous pentesting and continuous risk assessment using NodeZero.

As cyber attacks become increasingly complex, sophisticated, and more frequent, security teams need to be able to identify attacks faster and with higher accuracy. But users report that current detection workflows have high set-up and maintenance needs and introduce lots of noise and time-consuming false-positives. In this session, we highlight new approaches to overcome those drawbacks:

– Why rapid threat detection is increasingly critical for every security team in today’s threat landscape.
– A new approach to threat detection that doesn’t increase your team’s workload.
– A preview of how NodeZero Tripwires helps you detect threats faster and accurately.

NodeZero APT: Azure Password Spray to Business Email Compromise

On September 10, 2024, Ivanti released a security advisory for a command injection vulnerability for it's Cloud Service Appliance (CSA) product. Initially, this CVE-2024-8190 seemed uninteresting to us given that Ivanti stated that it was an authenticated...

Update: 2024-09-16 We initially wrote this post in reference to CVE-2024-29847, however this post actually describes CVE-2023-28324. We had incorrectly assumed that the SU5 update was comprehensive which resulted in us mistaking CVE-2023-28324 for CVE-2024-29847. The...

On August 13, 2024, SolarWinds released a security advisory for Web Help Desk (WHD) that detailed a deserialization remote code execution vulnerability. This vulnerability, CVE-2024-28986, was added to CISA's Known Exploited Vulnerability (KEV) catalog two days later...

Business Wire 09/19/2024 Horizon3.ai, a global leader in autonomous security, announces that Nicholas Warner has joined its board as an Independent Director. Warner brings over two decades of cybersecurity experience, marked by a proven track record in scaling...

Business Wire 09/10/2024 Horizon3.ai, a global leader in autonomous security solutions, today unveiled NodeZero Tripwires™, an addition to its product suite that integrates attack detection directly into the penetration testing process. This first-of-its-kind solution...

Business Wire 08/13/2024 Horizon3.ai, a global leader in autonomous security solutions for both public and private sectors, today announced their partnership with FedHIVE, a leading cloud service offering for federal agencies, government contractors, and commercial...

NodeZero helps JTI Cybersecurity scale by automating penetration testing, finding vulnerabilities, and enhancing client security efficiently and effectively.

Horizon3.ai’s Stephen Gates & Legion Cyberworks CEO Clayton Dillard discuss Legion’s shift to managed services & blending #NodeZero for security.

A 8-step guide to strengthening cybersecurity post-breach with autonomous pentesting and continuous risk assessment using NodeZero.

NodeZero APT: Azure Password Spray to Business Email Compromise

In early 2023, given some early success in auditing Fortinet appliances, I continued the effort and landed upon the Fortinet FortiSIEM. Several issues were discovered during this audit that ultimately lead to unauthenticated remote code execution in the context of the root user. The vulnerabilities were assigned CVE-2023-34992 with a CVSS3.0 score of 10.0 given that the access allowed reading...

Early in 2023, soon after reproducing a remote code execution vulnerability for the Fortinet FortiNAC, I was on the hunt for a set of new research targets. Fortinet seemed like a decent place to start given the variety of lesser-known security appliances I had noticed while searching for the FortiNAC firmware. The first target I landed on was the Fortinet...

NextChat a.k.a ChatGPT-Next-Web, a popular Gen AI ChatBot, is vulnerable to a critical server-side request forgery (SSRF) vulnerability.

Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability, CVE-2023-43208. If you’re a user of Mirth Connect, you’ll want to upgrade to the latest patch release, 4.4.1, as of this writing.

Introduction Back in Aug. 2023 we released an advisory for CVE-2023-39143, a critical vulnerability that affects Windows installs of the PaperCut NG/MF print management software. Attackers can exploit this vulnerability to download and delete arbitrary files, and in certain common configurations upload files, leading to remote code execution. This vulnerability was patched in PaperCut version 22.1.3 in July 2023. This...

Security Strategies

Industry Insights

Attack Research

Attack Content

Security Strategies

Industry Insights

Attack Research

Attack Content

Disclosures

Filters

How can NodeZero help you?