Industry Intelligence

XorDdos Is continuing to hunt servers with weak passwords. According to a recent post from Microsoft, there’s been a 254% increase in activity from XorDdos – an eight-year-old network of infected Linux machines used for DDoS attacks.

Horizon3.ai news, including an award nomination, plus cybersecurity updates for education and M&A.

The Log4Shell RCE vulnerability in Apache Log4j, CVE-2021-44228, dates to 2013 when Log4j 2.0-beta9 was released. An analysis of our pentesting data using NodeZero identified and provided proof of exploit for over 105 unique instances of the CVE within our customers’ environments.

Noah King, Brad Hong, and Jake Murphy were back at it again with this third installment of 'The Attackers Journey'. This series has focused on Noah King on his journey to become an ethical hacker. Pt. 3 was no different, with a focus on Server-Side Request Forgery!

It took just two days for a pair of researchers from Horizon3.ai to discover exploits for the new F5 BIG-IP vulnerability, and have called for devices to be immediately updated to protect against bad actors.

It’s World Password Day, but it’s never a bad time to think about credential security and usage. Credentialed attacks are the most popular means of entry into any digital infrastructure, and remain the easiest method of reconnaissance and privilege escalation for bad actors. With some of the most sophisticated open-source attack tools to date, it’s…

Learn how NodeZero empowers customers to run continuous penetration tests to find vulnerabilities from an attacker’s perspective, to verify fixes after remediation, and hold the EDR and the rest of the security stack accountable for delivering on their capabilities as designed.

This series centers around how to be an ethical hacker and the steps/processes to get there. In part 2, topics like understanding SQL injection; what SQL injection leads to; why defenders, IT Operators, etc. should care; and so much more were discussed.

Many penetration tests are only point-in-time and/or manual. In this Horizon3.ai sponsored webcast from SANS, take a First Look at how Horizon3.ai’s NodeZero takes on the pen test problem.  Listen to SANS Senior Instructor Dave Shackleford and Horizon3.ai’s CEO and Co-Founder Snehal Antani discuss the platform’s highlights and why it might be right for your…

David Raviv, host of NYIS Meetup, Snehal Antani, CEO and Co-founder of Horizon3, Steve Ramey of Arete Advisors LLC, and Mark Rasch, computer security and privacy expert, lawyer, author, and commentator, met for a panel discussion over 'How do you know it's fixed?' Learn about: - Employing a defense strategy w/ multiple layers - Identifying…