AWS Misconfiguration Leads to Buckets of Data
Misconfigured AWS Role Enables Cloud Initial Access
Read More 
Attack Research
Filters
Showing 25–30 of 76 results
Apache ActiveMQ RCE Leads to Domain Compromise
Pervasive CISA Known Exploited Vulnerability Enables Initial Access
Read More 
Cisco IOS XE CVE-2023-20198: Deep Dive and POC
Introduction This post is a follow up to https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-theory-crafting/. Previously, we explored the patch for CVE-2023-20273 and CVE-2023-20198 affecting Cisco IOS XE and identified some likely vectors an attacker might have used to exploit these vulnerabilities. Now, thanks to SECUINFRA FALCON TEAM’s honeypot, we have further insight into these vulnerabilities. POC See below for an example request that bypasses authentication...
Read More 
Cisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting
Introduction There has been a lot of news around the recent Cisco IOS XE vulnerabilities CVE-2023-20198 and CVE-2023-2073. Information about this vulnerability was first published by Cisco on October 16th, 2023, and since then we have seen evidence of mass exploitation and implantation. In this post we share our technical insights so far into these vulnerabilities. Cisco IOS XE Architecture...
Read More 
NextGen Mirth Connect Remote Code Execution Vulnerability (CVE-2023-43208)
Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability, CVE-2023-43208. If you’re a user of Mirth Connect, you’ll want to upgrade to the latest patch release, 4.4.1, as of this writing.
Read More 
VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs
Introduction This report is a follow up to https://www.horizon3.ai/vmware-vrealize-log-insight-vmsa-2023-0001-technical-deep-dive/. Earlier this year we reported the technical details for VMSA-2023-0001 affecting VMware Aria Operations for Logs (formerly VMware vRealize Log Insight). In that report, we showed how an attacker could use three different CVEs to achieve remote code execution. During the course of that investigation, we noticed the fix provided by...
Read More How can NodeZero help you?
Let our experts walk you through a demonstration of NodeZero, so you can see how to put it to work for your company.