Horizon3.ai
  • NodeZero™
    • What is NodeZero?
    • Who Uses NodeZero?
    • Internal Pentesting
    • External Pentesting
    • N-day Testing
    • AD Password Audit
    • Documentation
  • Learn
    • By Industry
      • Healthcare
      • Manufacturing
      • Public Sector
    • Attack Content
      • Credential Attacks
      • Log4Shell
      • Ransomware Impact
    • Security Controls
      • Compliance In Security
      • Effective Security
      • For Splunk Logging
      • Purple Team Culture
      • Vulnerable ≠ Exploitable
    • Customer Stories
    • Research
      • Red Team
        • Disclosures
      • Videos
    • Podcasts
    • Whitepapers
    • Year in Review 2022
  • About
    • Our Vision
    • The Team
    • Join Our Team
    • Contact Us
    • Press Releases
    • Awards
  • Events
  • Partners
    • Partners
    • MSSPs and MSPs
    • Partner Portal
  • Log In
  • Try NodeZero
    • Demo
    • Free Trial
Select Page

Over 1,500 apps found leaking API keys and potentially exposing user data

by Justin Young | Nov 21, 2022 | News

SiliconANGLE: 11/21/22 Chad Glinsky, backend engineer at security posture company Horizon3.ai, commented that all users should understand that API keys are effectively a username and password. Read the entire article here

FBI Targeted by Russian Hackers in Latest String of Attacks Against U.S. Government Websites

by Justin Young | Nov 18, 2022 | News

ClearanceJobs: 11/18/22 “With the rise in successful cyber attacks against the United States government and its federal agencies, many are right to wonder whether the public sector’s approach to cybersecurity is in need of a serious change.” Read the...

Cloud security isn’t guaranteed because a provider is well-known, expert says

by Justin Young | Nov 14, 2022 | News

SC Media: 11/14/22 Brad Hong, customer success manager at Horizon3ai, said he and his team constantly see huge blast radii in attacks and penetration tests originate from the smallest misconfiguration, or even lack of configuration, allowing attacker’s to simply...

Russian Software Found in Smartphone App Used by CDC and U.S. Army

by Justin Young | Nov 14, 2022 | News, Uncategorized

ClearanceJobs: 11/14/22 “After being branded as an American company, the revelation of Pushwoosh being a Russian-originated software firm comes as yet another embarrassment to Apple and Google in the privacy domain,” explained Taylor Ellis, customer threat analyst at...

Verifying Credentialed Access to Your Hybrid Cloud Sprawl Matters More Than Ever

by Justin Young | Nov 1, 2022 | News

Security Boulevard: 11/01/22 Everyone is talking about infrastructure and environments, the cost, the speed – but core to all that incredible capability remains our credentials. Read the entire article here
Next Entries »

Categories

  • Blog
    • Industry Insights
    • Hack The Box
    • Red Team
      • Disclosures
  • Videos
  • Horizon3.ai in the News

Tags

account compromise Alliance Partners Apache Awards Channel Partners Consultants Credential Attacks Download education Executive Webinar Fortinet Healthcare IAmNodeZero law enforcement LLMNR Log4j Log4Shell m&a MITRE MSP MSSP nation states Partner Program passwords password spray pen testing press release Product Update Purple Team RCE vulnerability Resellers vmware Webinar

Recent Blogs

  • Apache Superset Part II: RCE, Credential Harvesting and MoreSeptember 6, 2023
  • Ivanti Sentry Authentication Bypass CVE-2023-38035 Deep DiveAugust 24, 2023
  • Lexmark Command Injection Vulnerability ZDI-CAN-19470 Pwn2Own Toronto 2022August 10, 2023
  • CVE-2023-39143: PaperCut Path Traversal/File Upload RCE VulnerabilityAugust 4, 2023
  • INSIGHT – MOVEit Zero-Day Reminds Us Yet Again to Be Diligent in Monitoring Our IT InfrastructureJune 15, 2023

Contact Us

info@horizon3.ai
press@horizon3.ai
650-445-4457

Follow Us

Recent Posts

  • Apache Superset Part II: RCE, Credential Harvesting and More
    4 weeks ago
  • Ivanti Sentry Authentication Bypass CVE-2023-38035 Deep Dive
    1 month ago

Subscribe to Community Updates

© 2022 All Rights Reserved.  |   Privacy Policy   |   Support Policy   |   Terms of Service
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
__cfruidsessionCloudflare sets this cookie to identify trusted web traffic.
_GRECAPTCHA5 months 27 daysThis cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement1 yearSet by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent1 yearRecords the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
OptanonConsent1 yearOneTrust sets this cookie to store details about the site's cookie category and check whether visitors have given or withdrawn consent from the use of each category.
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
CookieDurationDescription
AnalyticsSyncHistory1 monthLinkedIn - Used to store information about the time a sync took place with the lms_analytics cookie
bcookie2 yearsLinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie2 yearsLinkedIn sets this cookie to store performed actions on the website.
langsessionLinkedIn sets this cookie to remember a user's language setting.
li_gc2 yearsLInkedIn Used to store consent of guests regarding the use of cookies for non-essential purposes
lidc1 dayLinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory1 monthLinkedIn sets this cookie for LinkedIn Ads ID syncing.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
CookieDurationDescription
_calendly_session21 daysCalendly, a Meeting Schedulers, sets this cookie to allow the meeting scheduler to function within the website and to add events into the visitor’s calendar.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
CookieDurationDescription
_ga2 yearsThe _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_V462VSRXXS2 yearsThis cookie is installed by Google Analytics.
6suuid2 years6sense is a B2B predictive intelligence engine for marketing and sales.
CONSENT2 yearsYouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
pardotpastThe pardot cookie is set while the visitor is logged in as a Pardot user. The cookie indicates an active session and is not used for tracking.
visitorId1 yearSalesforce
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
CookieDurationDescription
VISITOR_INFO1_LIVE5 months 27 daysA cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSCsessionYSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt.innertube::nextIdneverThis cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requestsneverThis cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
CookieDurationDescription
lpv97107330 minutesNo description
SAVE & ACCEPT
Powered by CookieYes Logo