Research Blog
Welcome to our cybersecurity research blog where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.
Here you’ll find extensive research and insight from the well-known Horizon3.ai attack team, intuitive perspectives on everything security, and real-world attack path short stories that come directly from discoveries made by NodeZero.
Filters
Showing 1–6 of 144 results
Fireside Chat: Horizon3.ai and Komori
Komori America's Director of IT, Andy Katz, joins Horizon3.ai's Principal Security SME, Stephen Gates, to discuss how Andy's adaptation of IT technology has dramatically changed over time, the greatest cyber threats to Komori and his firsthand experiences, and why Komori selected #NodeZero to help secure their environments, including some of Andy's initial observations.
Read More Ensuring Cybersecurity: Horizon3.ai’s Rapid Response Service in Action
How Horizon3.ai’s Rapid Response Identified and Mitigated a Critical Mirth Connect Vulnerability A key consideration in cybersecurity is determining whether a known software vulnerability is actually exploitable. This often depends on how and where the at-risk software is deployed in your environment. To address the need to find what’s exploitable, Horizon3.ai developed and recently unveiled its Rapid Response service. This...
Read More Enhancing Vulnerability Management: Integrating Autonomous Penetration Testing
Traditional vulnerability scanning tools are enhanced with NodeZero's autonomous penetration testing, revolutionizing Vulnerability Management by providing comprehensive risk assessment, exploitability analysis, and cross-host vulnerability chaining, empowering organizations to prioritize and mitigate security weaknesses strategically.
Read More Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces
This post walks through the vulnerabilities we disclosed affecting Gradio, and our work with Hugging Face to harden the Spaces platform after a recently reported potential breach.
Read More CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability
Introduction Ivanti Endpoint Manager (EPM) is an enterprise endpoint management solution that allows for centralized management of devices within an organization. On May 24, 2024, ZDI and Ivanti released an advisory describing a SQL injection resulting in remote code execution with a CVSS score of 9.8. In this post we will detail the internal workings of this vulnerability. Our POC...
Read More CVE-2023-48788: Revisiting Fortinet FortiClient EMS to Exploit 7.2.X
Introduction Our last blog post on the FortiClient EMS SQL injection vulnerability, CVE-2023-48788, as it turns out only worked on 7.0.x versions. This article will discuss the differences in exploitation between FortiClient EMS’s two mainline versions: 7.0.x and 7.2.x. When writing exploits for different versions of vulnerable software, the differences in the exploit are usually small, such as different offsets,...
Read More