Using NodeZero to Find and Fix Log4Shell

Using NodeZero to Find and Fix Log4Shell

Since news of the Log4Shell vulnerability (CVE-2021-44228/CVE-2021-45046) broke last month, infosec teams have been scrambling to find instances of the vulnerability in their environments and remediate them. It’s been a challenge because of the breadth of impact: any...
Apache CVE-2021-41773, CVE-2021-42013

Apache CVE-2021-41773, CVE-2021-42013

Overview We wanted to do something a little bit different with this post. Our vulnerability disclosures, exploit proof-of-concepts, and attack analysis blog posts have been awesome, but they have been catering to an offensive security audience. Our new approach will...
Compromising vCenter via SAML Certificates

Compromising vCenter via SAML Certificates

Overview A common attack path that Horizon3 has identified across many of its customers is abusing access to the VMware vCenter Identity Provider (IdP) certificate. Security Assertion Markup Language (SAML) has proved to be a hotbed of vulnerabilities within the last...