Attack Blogs
Filter Content:
Categories:
Tags:
October 13, 2022 | Attack Blogs
Fortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiProxySwitchManager projects (CVE-2022-40684). This vulnerability gives an…-
October 11, 2022 | Attack Blogs
Introduction The recent FortiOS / FortiProxy / FortiSwitchManager CVE has been reportedly exploited in the wild. We would like to… 
July 13, 2022 | Attack Blogs
It's been more than six months since the Log4Shell vulnerability (CVE-2021-44228) was disclosed, and a number of post-mortems have come…
May 26, 2022 | Attack Blogs
VMware recently patched a critical authentication bypass vulnerability in their VMware Workspace ONE Access, Identity Manager and vRealize Automation products…
May 9, 2022 | Attack Blogs
F5 recently patched a critical vulnerability in their BIG-IP iControl REST endpoint CVE-2022-1388. This vulnerability particularly worrisome for users because…
January 6, 2022 | Attack Blogs
Log4Shell is a "once-in-a-decade" type of vulnerability that will linger in environments for years to come. For a vulnerability with…
December 10, 2021 | Attack Blogs
Understanding Log4Shell: the Apache log4j2 Remote Code Execution Vulnerability (CVE-2021-44228)
October 18, 2021 | Attack Blogs
We wanted to do something a little bit different with this post. Our vulnerability disclosures, exploit proof-of-concepts, and attack analysis…
October 4, 2021 | Attack Blogs
Overview A common attack path that Horizon3 has identified across many of its customers is abusing access to the VMware…
September 16, 2021 | Attack Blogs
Overview On September 14, multiple vulnerabilities were discovered by researchers at Wiz.io. The most critical of them being CVE-2021-38647, now dubbed…
