Resource Center

Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.

LATEST VULNERABILITIES

WEBINAR REPLAY

SEARCH

CATEGORIES

TAGS

    Blogs

    Understanding the Actively-Exploited Ivanti CVE’s

    January 22, 2024
    Two recent Ivanti CVEs are being actively exploited by suspected nation-state threat actors.
    Read More →
    Whitepapers

    Five Key Outcomes of Continuous Security Assessments in Manufacturing

    January 17, 2024
    Manufacturers face an unprecedented array of challenges, from fierce competition to rapid technological advancements. Amid these shifts, ransomware threats have evolved into an imminent danger that can cripple manufacturers.
    Read More →
    Whitepapers

    A Preemptive Approach to Defeat Ransomware in Healthcare

    January 17, 2024
    Healthcare organizations recognize they need a preemptive approach to help them discover their truly exploitable vulnerabilities, show them how to fix the issues at hand, then verify their fix worked. Discover the facts about how NodeZero is redefining healthcare security in our comprehensive whitepaper.
    Read More →
    Attack Blogs, Disclosures

    Writeup for CVE-2023-43208: NextGen Mirth Connect Pre-Auth RCE

    January 12, 2024
    Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability, CVE-2023-43208. If you’re a user of Mirth Connect, you’ll want to upgrade to the latest patch release, 4.4.1, as of this writing.
    Read More →
    Attack Blogs, Disclosures

    Writeup for CVE-2023-39143: PaperCut WebDAV Vulnerability

    January 12, 2024
    Introduction Back in Aug. 2023 we released an advisory for CVE-2023-39143, a critical vulnerability that affects Windows installs of the PaperCut NG/MF print management software. Attackers can exploit this vulnerability to download and delete arbitrary files, and in certain common configurations upload files, leading to remote code execution. This vulnerability was patched in PaperCut version…
    Read More →
    Infographics

    The Total Economic Impact™ Of The NodeZero™ Platform Infographic

    January 10, 2024
    The NodeZero™ platform helps organizations improve SecOps productivity and save on third-party pentest & vulnerability scanner costs. Learn how in the commissioned Forrester Consulting Total Economic Impact™ study. Download the Study
    Read More →
    Attack Paths

    The Elephant In the Room – NTLM Coercion and Understanding Its Impact

    January 9, 2024
    Since introducing NTLM coercion techniques such as PetitPotam into the NodeZero platform, we frequently have security practitioners request help understanding these techniques and what impact they have to their enterprise. There is a lack of concise resources to inform Blue Teams on how these techniques work, and clearly distinguishing them from other misconfigurations/vulnerabilities in the…
    Read More →
    Whitepapers

    An Offensive Approach to Defeat Human-Operated Ransomware in Education

    January 7, 2024
    Educational institutions are treasure troves of valuable PII information, making them prime targets for ransomware attacks. It’s time for a paradigm shift. It’s time to go on the offensive.
    Read More →
    Customer Stories

    Airiam: Turning Cyber Resilience into a Superpower

    January 4, 2024
    The first NodeZero demo was game-changing according to Airiam. “It looked amazing…it blew everything out of the water in comparison to other products.”...
    Read More →
    Customer Stories

    Revolutionizing Cybersecurity: F12.net’s Journey with Autonomous Penetration Testing

    January 3, 2024
    How an MSSP Turned NodeZero into a High-Demand Service Offering
    Read More →