Resource Center
Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.
Filters
Showing 7–12 of 462 results
CVE-2024-28987: SolarWinds Web Help Desk Hardcoded Credential Vulnerability Deep-Dive
On August 13, 2024, SolarWinds released a security advisory for Web Help Desk (WHD) that detailed a deserialization remote code execution vulnerability. This vulnerability, CVE-2024-28986, was added to CISA’s Known Exploited Vulnerability (KEV) catalog two days later on August 15, 2024. The advisory states: SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution...
Read More Century-Long Innovation: A Legacy of Outpacing Cyber Threats
Discover how Komori, a century-old printing giant, is leading the charge in cybersecurity innovation by adapting to internet-connected risks and utilizing advanced solutions like NodeZero to safeguard their legacy.
Read More Nicholas Warner Joins Horizon3.ai as Independent Board Director, Bringing Over Two Decades of Cybersecurity Expertise
Business Wire 09/19/2024 Horizon3.ai, a global leader in autonomous security, announces that Nicholas Warner has joined its board as an Independent Director. Warner brings over two decades of cybersecurity experience, marked by a proven track record in scaling companies and driving hyper-growth. Read the entire article here
Read More CVE-2024-8190: Investigating CISA KEV Ivanti Cloud Service Appliance Command Injection Vulnerability
On September 10, 2024, Ivanti released a security advisory for a command injection vulnerability for it’s Cloud Service Appliance (CSA) product. Initially, this CVE-2024-8190 seemed uninteresting to us given that Ivanti stated that it was an authenticated vulnerability. Shortly after on September 13, 2024, the vulnerability was added to CISA’s Known Exploited Vulnerabilities (KEV). Given it was now exploited in...
Read More CVE-2023-28324 Deep Dive: Ivanti Endpoint Manager AgentPortal Improper Input Validation
Update: 2024-09-16 We initially wrote this post in reference to CVE-2024-29847, however this post actually describes CVE-2023-28324. We had incorrectly assumed that the SU5 update was comprehensive which resulted in us mistaking CVE-2023-28324 for CVE-2024-29847. The content of this blog has been updated accordingly. Introduction Ivanti Endpoint Manager (EPM) is an enterprise endpoint management solution that allows for centralized management...
Read More Stay Ahead of Cyber Threats with Autonomous Penetration Testing
Explore how autonomous penetration testing with NodeZero helps organizations meet NIS 2 compliance by enhancing cybersecurity through scalable, efficient risk assessments.
Read More