Attack Blogs

Understanding Log4Shell: the Apache log4j2 Remote Code Execution Vulnerability (CVE-2021-44228)

We wanted to do something a little bit different with this post. Our vulnerability disclosures, exploit proof-of-concepts, and attack analysis…

Overview A common attack path that Horizon3 has identified across many of its customers is abusing access to the VMware…

Overview On September 14, multiple vulnerabilities were discovered by researchers at Wiz.io. The most critical of them being CVE-2021-38647, now dubbed…

On August 25, 2021, Atlassian released a security advisory for CVE-2021-26084, an OGNL injection vulnerability found within a component of Confluence Server…

In August, Orange Tsai released details and also spoke at BlackHat and DEFCON detailing his security research into Microsoft Exchange. His latest blog post…

The engineering team has been working tirelessly to improve the "what to wow" user experience, add more attack content, add…

Write the file supplied in the --file argument to the location specified in the --path argument. The file will be…