Resource Center
Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.
Filters
Showing 457–462 of 473 results
Probing Restrictions May Stilt Pentagon’s Vulnerability Disclosure Program for Contractors
SC Magazine: 04/06/2021 “What is going to be interesting with this formal process is how fast industry partners and government can and are willing to fix a reported finding,” said Monti Knode, director of customer and partners success at penetration testing company Horizon3.AI. Read entire article here
Read More Hackers are Actively Targeting FortiOS Vulnerabilities, Warn FBI and CISA
Silicon Angle: 04/05/2021 “Attackers are increasingly targeting critical external applications, and VPNs have been targeted even more this last year,” Zach Hanley, senior Red Team engineer at pentesting company Horizon3.AI Inc., told SiliconANGLE. “These three vulnerabilities targeting the Fortinet VPN allow an attacker to obtain valid credentials, bypass MFA and man-in-the-middle authentication traffic to intercept credentials. The common theme here...
Read More Fortinet FortiOS VPN Likely Exploited by Hackers, Feds Say
Channel Futures: 04/05/2021 Zach Hanley is senior red team engineer at Horizon3.AI. “Attackers are increasingly targeting critical external applications,” he said. “VPNs have been targeted even more this last year. These three vulnerabilities targeting the Fortinet VPN allow an attacker to obtain valid credentials, bypass multifactor authentication (MFA), and man-in-the-middle (MITM) authentication traffic to intercept credentials. The common theme here...
Read More FBI and CISA Warn About APTs Targeting FortiOS VPN Vulnerabilities
Tech Nadu: 04/03/2021 Zach Hanley, Senior Red team engineer at Horizon3.AI told us: “Attackers are increasingly targeting critical external applications – VPNs have been targeted even more this last year. These three vulnerabilities targeting the Fortinet VPN allow an attacker to obtain valid credentials, bypass multi-factor authentication (MFA), and man-in-the-middle (MITM) authentication traffic to intercept credentials. The common theme here...
Read More FBI and CISA: APT Groups Targeting Government Agencies
Gov Info Security: 04/03/2021 Zach Hanley, senior red team engineer at security firm Horizon3.ai, adds that the attackers can use the vulnerabilities to obtain valid credentials to perform man-in-the middle attacks, which will then help them to intercept authentication traffic. “The common theme here is: Once they are successful, they will look just like your normal users.” Read entire article...
Read More CISA Releases Supplemental Direction On Emergency Directive for Microsoft Exchange Server
Security Magazine: 04/02/2021 According to Anthony Pillitiere, Co-Founder and CTO at Horizon3.AI, “We will continue to see a significant increase in serious cyber attacks throughout 2021 using ubiquitous software like Exchange and SolarWinds as the attack vector. Organizations that lack a strong cyber security foundation will suffer, but organizations that have invested in the right talent, tools, processes, and partners...
Read More