Resource Center

Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.

LATEST VULNERABILITIES

WEBINAR REPLAY

SEARCH

CATEGORIES

TAGS

    Attack Blogs

    The Long Tail of Log4Shell Exploitation

    July 13, 2022
    It's been more than six months since the Log4Shell vulnerability (CVE-2021-44228) was disclosed, and a number of post-mortems have come out talking about lessons learned and ways to prevent the next Log4Shell-type event from happening.
    Read More →
    Disclosures

    CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus

    June 29, 2022
    CVE-2022-28219 is an unauthenticated remote code execution vulnerability affecting Zoho ManageEngine ADAudit Plus, a compliance tool used by enterprises to monitor changes to Active Directory. The vulnerability comprises several issues: untrusted Java deserialization, path traversal, and a blind XML External Entities (XXE) injection. This is a vulnerability that NodeZero, our autonomous pentesting product, has exploited…
    Read More →
    Video

    Tech Talk: The Attackers Journey Pt. 5

    In this session, Noah and his mentors will not only explore why the Kerberoasting attack technique is so pervasive and how you can configure Kerberos better to avoid these attacks, but also alternative setups that allow you to avoid Kerberoasting altogether.
    Watch Now →
    The Attacker's Journey - Becoming an Ethical Hacker Part 5
    Video

    Webinar: External Autonomous Pentesting

    With the announcement of the addition of external penetration testing capabilities to NodeZero, Horizon3.ai is hosting a webinar to introduce this enhancement to our autonomous penetration testing platform. This extension of NodeZero’s capabilities makes Horizon3.ai the first cybersecurity company to offer both internal and external penetration testing in one self-service platform. Join Naveen Sunkavally, Horizon3.ai’s…
    Watch Now →
    External Webinar Flyer
    Blogs

    What Upcoming State Data Privacy Laws Mean for Businesses

    June 27, 2022
    A new privacy study has found that 60% of states are moving toward new privacy laws. Implementation at the state level is slow.
    Read More →
    3D modeled Gavel Wireframe in digital space
    Blogs

    Horizon3.ai Adds NodeZero App for Splunk on Splunkbase  

    June 23, 2022
    Horizon3.ai adds NodeZero app to Splunkbase to improve the effectiveness of your Splunk deployments and ensure you’re logging the right data.
    Read More →
    Customer Stories

    Horizon3.ai allows us to maximize security with minimum effort

    June 17, 2022
    NodeZero identified those critical few vulnerabilities that are actually exploitable, allowing us to maximize increased security with minimum effort.
    Read More →
    Blogs

    Roundup: FBI Warns of Stolen Credentials in Higher Ed

    June 17, 2022
    The FBI has warned that cybercriminals were selling stolen credentials information from higher education organizations on Russian hacker forums.
    Read More →
    FBI Building in Washington, DC
    Blogs

    How Healthcare Organizations Can Assess Their Security (Affordably)

    June 14, 2022
    Digital transformation of healthcare can lead to better treatments, improved outcomes, and reduced costs for healthcare organizations.
    Read More →
    Healthcare worker in full scrubs, cap, and mask using a computer
    Customer Stories

    How NodeZero Helped the City of St. Petersburg Improve Its Defenses

    June 14, 2022
    As the Information Technology Security Officer for the City of St. Petersburg, FL, Brian Campbell is always on the lookout for ways to elevate the city’s security posture. A cold phone call from Horizon3.ai led to a test run of NodeZero, with its capacity to save time and effort assessing and addressing potential weaknesses.
    Read More →