Tag: Security Practitioner | Page 12

Art Ocain, Field CISO at Airiam, and Naveen Sunkavally, Chief Architect at Horizon3.ai join forces in this webinar, where you will gain an in-depth understanding of threat actors and their tactics through a LIVE attack simulation.

In Horizon3.ai’s three years of operation, we have conducted more than 15,000 pentests yielding results for our clients and data for our engineers. Join our CEO, Snehal Antani, for stories from the trenches.

This month we’ll take a look at the Log4shell example, and learn about how the distinction between being vulnerable and being exploitable is so important.

During this session we’ll also look at how AI powered Autonomous Pentesting finally gives organizations the ability to pentest themselves at scale to quickly identify their exploitable attack surface.

Over the last week, the widely reported critical security flaw in the Progress MOVEit Transfer application (CVE-2023-34362) reminded us yet again to remain vigilant in securing our IT infrastructure from potential cyber threat actors.

The Jerry machine from the Hack The Box platform nicely illustrates the danger of weak and default credentials.

Introduction Back in Aug. 2023 we released an advisory for CVE-2023-39143, a critical vulnerability that affects Windows installs of the PaperCut NG/MF print management software. Attackers can exploit this vulnerability to download and delete arbitrary files, and in...

Since introducing NTLM coercion techniques such as PetitPotam into the NodeZero platform, we frequently have security practitioners request help understanding these techniques and what impact they have to their enterprise. There is a lack of concise resources to...

Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability, CVE-2023-43208. If you’re a user of Mirth Connect, you’ll want to upgrade to the latest patch release, 4.4.1, as of this writing.

Business Wire: 06/06/22 Horizon3.ai is proud to announce its NodeZero Autonomous Penetration Testing has won the Best Penetration Test Solution Award from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine. Read entire...

Business Wire: 06/01/22 Horizon3.ai, a cybersecurity firm focused on autonomous penetration testing, today announced it has extended the capabilities of its NodeZero platform to include external penetration testing. With this enhancement, Horizon3.ai is the first...

Business Wire: 05/23/22 Horizon3.ai, a cybersecurity firm focused on autonomous penetration testing, today announced the appointment of Chris Hill as the Sector Head for Public Sector, Federal. Hill will execute Horizon3.ai’s vision for creating a better, more secure...

This month we’ll take a look at the Log4shell example, and learn about how the distinction between being vulnerable and being exploitable is so important.

The Jerry machine from the Hack The Box platform nicely illustrates the danger of weak and default credentials.

It's been more than six months since the Log4Shell vulnerability (CVE-2021-44228) was disclosed, and a number of post-mortems have come out talking about lessons learned and ways to prevent the next Log4Shell-type event from happening.

CVE-2022-28219 is an unauthenticated remote code execution vulnerability affecting Zoho ManageEngine ADAudit Plus, a compliance tool used by enterprises to monitor changes to Active Directory. The vulnerability comprises several issues: untrusted Java deserialization, path traversal, and a blind XML External Entities (XXE) injection. This is a vulnerability that NodeZero, our autonomous pentesting product, has exploited to not only execute code...

In this session, Noah and his mentors will not only explore why the Kerberoasting attack technique is so pervasive and how you can configure Kerberos better to avoid these attacks, but also alternative setups that allow you to avoid Kerberoasting altogether.

With the announcement of the addition of external penetration testing capabilities to NodeZero, Horizon3.ai is hosting a webinar to introduce this enhancement to our autonomous penetration testing platform. This extension of NodeZero’s capabilities makes Horizon3.ai the first cybersecurity company to offer both internal and external penetration testing in one self-service platform. Join Naveen Sunkavally, Horizon3.ai’s Chief Architect, and Monti Knode,...

Horizon3.ai adds NodeZero app to Splunkbase to improve the effectiveness of your Splunk deployments and ensure you’re logging the right data.

This journey's 4th installment is now up! As usual, this series stars up-in-coming ethical hacker Noah King. He's joined this time by Horizon3.ai Director of Customer Success, Monti Knode, and Senior Offensive Security Consultant from our alliance partner Echelon Risk + Cyber, James Stahl. During this Tech Talk you'll learn all about NTLM Relay.

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

Security Strategies

Industry Insights

Attack Research

No Results Found

Attack Content

Security Practitioner

Filters

How can NodeZero help you?