Resource Center

Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.

LATEST VULNERABILITIES

WEBINAR REPLAY

SEARCH

CATEGORIES

TAGS

    Customer Stories

    Airiam: Turning Cyber Resilience into a Superpower

    January 4, 2024
    The first NodeZero demo was game-changing according to Airiam. “It looked amazing…it blew everything out of the water in comparison to other products.”...
    Read More →
    Customer Stories

    Revolutionizing Cybersecurity: F12.net’s Journey with Autonomous Penetration Testing

    January 3, 2024
    How an MSSP Turned NodeZero into a High-Demand Service Offering
    Read More →
    Video

    The Total Economic Impact of the NodeZero Platform

    Join this dynamic conversation with Guest Forrester Consultant Luca Son and Horizon3.ai CEO and Co-Founder Snehal Antani. Our featured speakers will explore the findings of the new The Total Economic Impact™ (TEI) of the NodeZero Platform, a study Horizon3.ai commissioned from Forrester Consulting. You’ll learn about: The challenges these security teams hoped faced with costly,…
    Watch Now →
    Forrester TEI Webinar
    Attack Paths

    AWS Misconfiguration Leads to Buckets of Data

    December 8, 2023
    Misconfigured AWS Role Enables Cloud Initial Access
    Read More →
    Video

    Fireside Chat: Horizon3.ai and Airiam

    Stephen Gates, Principal Security SME at Horizon3.ai and Art Ocain, CISO and Strategic Alliances Management at Airiam discuss: - Why there is a growing demand for Managed Resiliency Services in todays’ enterprises. - What Airiam does to help clients improve their business resiliency against cyberattacks. - How NodeZero™ reduces vulnerabilities by ~50% across Airiam’s entire…
    Watch Now →
    Attack Paths

    Apache ActiveMQ RCE Leads to Domain Compromise

    December 1, 2023
    Pervasive CISA Known Exploited Vulnerability Enables Initial Access
    Read More →
    Blogs

    Insight – Holiday Threat Awareness 2023

    December 1, 2023
    Amidst the hustle and bustle of holiday preparations and last-minute shopping, cybercriminals often take advantage of the increased online activity and spending complacency of individuals and businesses...
    Read More →
    Video

    Fireside Chat: Horizon3.ai and F12.net

    Stephen Gates, Principal Security SME at Horizon3.ai and Calvin Engen, Chief Technology Officer, and Managing Partner of F12.net discuss: - Why there is a such growing demand for managed cybersecurity services. - What’s helping F12 clients meet and exceed cybersecurity standards and best practices. - Where Calvin thinks the security industry is headed and what…
    Watch Now →
    Attack Blogs

    Cisco IOS XE CVE-2023-20198: Deep Dive and POC

    October 30, 2023
    Introduction This post is a follow up to https://horizon3.ai/attack-research/attack-blogs/cisco-ios-xe-cve-2023-20198-theory-crafting/. Previously, we explored the patch for CVE-2023-20273 and CVE-2023-20198 affecting Cisco IOS XE and identified some likely vectors an attacker might have used to exploit these vulnerabilities. Now, thanks to SECUINFRA FALCON TEAM's honeypot, we have further insight into these vulnerabilities. POC See below for an…
    Read More →
    Attack Blogs

    Cisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting

    October 25, 2023
    Introduction There has been a lot of news around the recent Cisco IOS XE vulnerabilities CVE-2023-20198 and CVE-2023-2073. Information about this vulnerability was first published by Cisco on October 16th, 2023, and since then we have seen evidence of mass exploitation and implantation. In this post we share our technical insights so far into these…
    Read More →
    Cisco IOS XE CVE-2023-20198 and CVE-2023-20273 WebUI Internals, Patch Diffs, and Theory Crafting