New in NodeZero®

Additional visibility into Iranian-backed threat actor activity | Available now to all customers

Security Practitioner

SEARCH

CATEGORIES

TAGS

    Whitepapers

    2022 SANS Analyst Report

    April 17, 2022
    SANS First Look: New technologies are emerging to help provide more consistent, repeatable pen tests that mimic real-world attack techniques.
    Read More →
    Video

    Tech Talk: The Attackers Journey Pt. 2

    This series centers around how to be an ethical hacker and the steps/processes to get there. In part 2, topics like understanding SQL injection; what SQL injection leads to; why defenders, IT Operators, etc. should care; and so much more were discussed.
    Watch Now →
    Tech Talk: The Attackers Journey Part 2
    Video

    Tech Talk: The Attackers Journey Pt.1

    Join us in side-saddling on an attacker’s journey with Noah King to become an ethical hacker!
    Watch Now →
    Tech Talk: The Attackers Journey Part 1
    Attack Blogs

    Using NodeZero to Find and Fix Log4Shell

    January 6, 2022
    Log4Shell is a "once-in-a-decade" type of vulnerability that will linger in environments for years to come. For a vulnerability with such a broad, lasting impact, it's important to establish a principled and disciplined approach for discovering and remediating it. NodeZero both detects and exploits Log4Shell, surfacing a wealth of information that can be used to…
    Read More →
    Attack Blogs

    Understanding Log4Shell: the Apache log4j2 Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046)

    December 10, 2021
    Understanding Log4Shell: the Apache log4j2 Remote Code Execution Vulnerability (CVE-2021-44228)
    Read More →
    Whitepapers

    The Purple Pivot

    November 18, 2021
    This Red vs. Blue approach to cybersecurity is unsustainable, and often does more harm than good. The goal should be Red AND Blue, working together.
    Read More →
    Disclosures

    Multiple Vulnerabilities in ResourceSpace

    November 9, 2021
    During our assessment of the ResourceSpace code base, we found three new vulnerabilities that could be exploited by an unauthenticated attacker. The most critical is CVE-2021-41765, a pre-auth SQL injection that an attacker can abuse to gain remote code execution (RCE) privileges on the ResourceSpace server.
    Read More →
    Attack Blogs

    Apache CVE-2021-41773, CVE-2021-42013

    October 18, 2021
    We wanted to do something a little bit different with this post. Our vulnerability disclosures, exploit proof-of-concepts, and attack analysis blog posts have been awesome, but they have been catering to an offensive security audience.
    Read More →
    Apache CVE-2021-41773, CVE-2021-42013
    Whitepapers

    Exposed & Exploited

    October 16, 2021
    While so many are focused on vulnerabilities and malware on endpoints, understanding the attack paths an attacker would exploit to hold your business and brand at risk is key.
    Read More →
    Whitepaper: Exposed and Exploited
    Attack Blogs

    Compromising vCenter via SAML Certificates

    October 4, 2021
    Overview A common attack path that Horizon3 has identified across many of its customers is abusing access to the VMware vCenter Identity Provider (IdP) certificate. Security Assertion Markup Language (SAML) has proved to be a hotbed of vulnerabilities within the last year, as well as a target of many cybercrime syndicates and APTs. In the…
    Read More →
    Compromising vCenter via SAML Certificates