Resource Center
Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.
Filters
Showing 289–294 of 473 results
IT giant restores systems after ‘malware attack’ crippled operations
The Record: 07/12/22 While SHI has denied repeatedly that no customer information was accessed, Horizon3ai cybersecurity expert Brad Hong said it will be interesting to see over the next weeks and even years what the true impact of the attack is on SHI, its confidential/proprietary data, and most importantly, its customers. Read the entire article here
Read More Experts shared PoC exploit code for RCE in Zoho ManageEngine ADAudit Plus tool
Security Affairs: 07/2/22 The unauthenticated remote code execution vulnerability was discovered by security researcher Naveen Sunkavally at Horizon3.ai and addressed by the vendor in March. Read the entire article here
Read More “Audit this”: Active Directory audit tool had a pre-auth RCE-shaped hole in it
The Stack: 07/1/22 The vulnerabilities were in Zoho ManageEngine ADAudit Plus and allocated CVE-2022-28219. They were reported by US security firm Horizon3.ai which said it regularly encounters the product in penetration tests and that it could be an attractive target to attackers “because of the privileged access [it has] to Active Directory.”. Read the entire article here
Read More Zoho ManageEngine ADAudit Plus bug gets public RCE exploit
Bleeping Computer: 07/1/22 Earlier this week, Horizon3.ai published a blog post explaining the technical aspects behind CVE-2022-28219 along with proof-of-concept exploit code that demonstrates the findings.. Read the entire article here
Read More Horizon3.ai Named to First-ever MES Matters – Key Vendors Serving the Midmarket List
AIthority: 06/30/22 “Security teams are overextended and universally share that one of the hardest parts of cybersecurity is deciding what not to fix,” said Snehal Antani, Horizon3.ai Co-Founder and CEO, and the Former CTO of the US Joint Special Operations Command (JSOC). “We specifically developed NodeZero to filter the noise and make it unmistakably apparent which critical impacts must be fixed...
Read More Critical ManageEngine ADAudit Plus Vulnerability Allows Network Takeover, Mass Data Exfiltration
Dark Reading: 06/30/22 Horizon3.ai chief architect Naveen Sunkavally explains that ManageEngine products are very common in the enterprise and have been favorite targets of attackers over the years.. Read the entire article here
Read More