Horizon3.ai
Horizon3.ai

Security Practitioner

Filters

Tags

Showing 31–36 of 99 results

VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs

Introduction This report is a follow up to https://www.horizon3.ai/vmware-vrealize-log-insight-vmsa-2023-0001-technical-deep-dive/. Earlier this year we reported the technical details for VMSA-2023-0001 affecting VMware Aria Operations for Logs (formerly VMware vRealize Log Insight). In that report, we showed how an attacker could use three different CVEs to achieve remote code execution. During the course of that investigation, we noticed the fix provided by...
Read More

Tech Talk: Journey to OSCP

Horizon3.ai Senior Engineer Noah King discusses the journey of obtaining an Offensive Security Certified Professional (OSCP) certification. Whether you're a cybersecurity enthusiast or a beginner looking to explore the field, you'll learn tips and tricks to help you navigate the certification process, including: - How to get started in Offensive Security with little or no prior experience. - An understanding...
Read More

Apache Superset Part II: RCE, Credential Harvesting and More

Apache Superset is a popular open source data exploration and visualization tool. In a previous post, we disclosed a vulnerability, CVE-2023-27524, affecting thousands of Superset servers on the Internet, that enables unauthorized attackers to gain admin access to these servers. We also alluded to methods that an attacker, logged in as an admin, could use to harvest credentials and execute...
Read More

Enhancing Splunk Deployments with NodeZero

As security threats continue to evolve and become more sophisticated, the need for advanced security mechanisms and strategies has become paramount. Two technologies that stand out in this domain are the NodeZero platform and Splunk.
Read More

Ivanti Sentry Authentication Bypass CVE-2023-38035 Deep Dive

Introduction Ivanti has recently published an advisory for CVE-2023-38035. The vulnerability has been added to CISA KEV and is described as an authentication bypass in the Ivanti Sentry administrator interface. This new vulnerability comes on the heels of an in-the-wild-exploited vulnerability in Ivanti EPMM (CVE-2023-35078). In this post we will take a deep dive into how this new vulnerability can...
Read More

How can NodeZero help you?

Let our experts walk you through a demonstration of NodeZero, so you can see how to put it to work for your company.