Attack Blogs



Showing 31–36 of 46 results

Metrics That Matter: An Attacker’s Perspective on Assessing Password Policy

After compromising a Windows domain controller, one of the actions that NodeZero, our autonomous pentest product, performs is dumping all domain user password hashes from the Active Directory database. This is a common attacker technique, and the resulting dump is highly valuable to attackers. But did you know that this data is a great source of insight for defenders too?
Read More

OpenSSL Critical Vulnerability: Should You Be Spooked?

On Tuesday, October 25 a new OpenSSL hot-fix release was announced which will patch a critical vulnerability that exists within the v3.0.X branch. OpenSSL 3.0.7 will be released on Tuesday, November 1 and in tandem the details of the vulnerability and its associated CVE will be made public. OpenSSL is an open source project that provides easy to use cryptographic...
Read More

FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass IOCs (CVE-2022-40684)

Introduction The recent FortiOS / FortiProxy / FortiSwitchManager CVE has been reportedly exploited in the wild. We would like to provide additional insight into the vulnerability so users can begin to determine if they have been compromised. In this post we discuss enabling logging and IOCs for FortiOS 7.2.1. These steps will likely work on other vulnerable products, however we...
Read More

The Long Tail of Log4Shell Exploitation

It's been more than six months since the Log4Shell vulnerability (CVE-2021-44228) was disclosed, and a number of post-mortems have come out talking about lessons learned and ways to prevent the next Log4Shell-type event from happening.
Read More

How can NodeZero help you?

Let our experts walk you through a demonstration of NodeZero, so you can see how to put it to work for your company.