Category: Attack Research | Page 4

October 20, 2023 | Attack Blogs

Introduction This report is a follow up to https://www.horizon3.ai/vmware-vrealize-log-insight-vmsa-2023-0001-technical-deep-dive/. Earlier this year we reported the technical details for VMSA-2023-0001 affecting…

CVE-2023-20198,Cisco IOS XE Web UI Vulnerability

October 19, 2023 | Attack Blogs

On Monday, 16 October, Cisco reported a critical zero-day vulnerability in the web UI feature of its IOS XE software…

September 6, 2023 | Attack Blogs, Disclosures

Apache Superset is a popular open source data exploration and visualization tool. In a previous post, we disclosed a vulnerability,…

August 24, 2023 | Attack Blogs

Introduction Ivanti has recently published an advisory for CVE-2023-38035. The vulnerability has been added to CISA KEV and is described…

August 10, 2023 | Attack Blogs

Introduction In December 2022, we competed at our first pwn2own. We were able to successfully exploit the Lexmark MC3224i using…

August 7, 2023 | Attack Paths

A NodeZero autonomous attack that leveraged two weaknesses to achieve domain compromise in 33 minutes, 9 seconds.

August 7, 2023 | Attack Paths

Active Directory Analytics Solution Enables Domain Compromise

August 4, 2023 | Attack Blogs, Disclosures

Summary CVE-2023-39143 is a critical vulnerability we disclosed to PaperCut that affects the widely used PaperCut NG/MF print management software.…

July 26, 2023 | Attack Paths

Combining Compromised Credentials Enables Domain Takeover

July 26, 2023 | Attack Paths

Low-Level Vulnerability Leads to Domain Compromise

Attack Research

Filter Content: