Resource Center

December 8, 2023 | Attack Paths

Misconfigured AWS Role Enables Cloud Initial Access

December 1, 2023 | Webinar Replays

Stephen Gates, Principal Security SME at Horizon3.ai and Art Ocain, CISO and Strategic Alliances Management at Airiam discuss: - Why…

December 1, 2023 | Attack Paths

Pervasive CISA Known Exploited Vulnerability Enables Initial Access

December 1, 2023 | Blogs

Amidst the hustle and bustle of holiday preparations and last-minute shopping, cybercriminals often take advantage of the increased online activity…

October 31, 2023 | Webinar Replays

Stephen Gates, Principal Security SME at Horizon3.ai and Calvin Engen, Chief Technology Officer, and Managing Partner of F12.net discuss: -…

October 30, 2023 | Attack Blogs

Introduction This post is a follow up to https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-theory-crafting/. Previously, we explored the patch for CVE-2023-20273 and CVE-2023-20198 affecting Cisco…

Cisco IOS XE CVE-2023-20198 and CVE-2023-20273 WebUI Internals, Patch Diffs, and Theory Crafting

October 25, 2023 | Attack Blogs

Introduction There has been a lot of news around the recent Cisco IOS XE vulnerabilities CVE-2023-20198 and CVE-2023-2073. Information about…

October 25, 2023 | Attack Blogs, Disclosures

Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to…

October 20, 2023 | Attack Blogs

Introduction This report is a follow up to https://www.horizon3.ai/vmware-vrealize-log-insight-vmsa-2023-0001-technical-deep-dive/. Earlier this year we reported the technical details for VMSA-2023-0001 affecting…

CVE-2023-20198,Cisco IOS XE Web UI Vulnerability

October 19, 2023 | Attack Blogs

On Monday, 16 October, Cisco reported a critical zero-day vulnerability in the web UI feature of its IOS XE software…