Resource Center
Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.
Filters
Showing 139–144 of 473 results
Ivanti Sentry Authentication Bypass CVE-2023-38035 Deep Dive
Introduction Ivanti has recently published an advisory for CVE-2023-38035. The vulnerability has been added to CISA KEV and is described as an authentication bypass in the Ivanti Sentry administrator interface. This new vulnerability comes on the heels of an in-the-wild-exploited vulnerability in Ivanti EPMM (CVE-2023-35078). In this post we will take a deep dive into how this new vulnerability can...
Read More 
Go Hack Yourself: War Stories from ~20k Pentests with NodeZero │ Security Weekly
Horizon3.ai CEO Snehal Antani discuss several real-world examples of what autonomous pentesting discovered in networks just like yours. You’ll hear more about how fast and easy it was to safely compromise some of the biggest (and smallest) networks in the world - with full domain takeover in a little more than a few hours. Learn how you can safely do...
Read More Lexmark Command Injection Vulnerability ZDI-CAN-19470 Pwn2Own Toronto 2022
Introduction In December 2022, we competed at our first pwn2own. We were able to successfully exploit the Lexmark MC3224i using a command injection 0-day. This post will detail the process we used to discover, weaponize, and have some fun with this vulnerability. You can find our POC here. Printer Acquisition It was rather difficult to acquire the Lexmark MC3224adwe. So...
Read More Horizon3.ai Raises $40M Series C to Confront Attackers with Proactive, Continuous Security Testing
Business Wire 08/08/2023 Horizon3.ai, a leading provider of autonomous security solutions, today announced $40M in Series C funding led by Craft Ventures with participation from Signal Fire. With 3x customer growth year-over-year, Horizon3.ai’s NodeZero™ platform has quickly become a leading industry tool for autonomous pentesting, helping customers quickly verify their security posture and reduce their exploitable attack surface. This funding...
Read More 
NodeZero Pivots Through Your Network with the Attacker’s Perspective
A NodeZero autonomous attack that leveraged two weaknesses to achieve domain compromise in 33 minutes, 9 seconds.
Read More 
Directing penetration testing at attack surface management
Last Watchdog Editor-In-Chief Byron Acohido interviews Horizon3.ai CEO Snehal Antani about advanced pentesting tools and services.
Read More