Horizon3.ai
Horizon3.ai

Resource Center

Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.

Filters

Categories
Tags

Showing 25–30 of 479 results

CVE-2024-8190: Investigating CISA KEV Ivanti Cloud Service Appliance Command Injection Vulnerability

On September 10, 2024, Ivanti released a security advisory for a command injection vulnerability for it’s Cloud Service Appliance (CSA) product. Initially, this CVE-2024-8190 seemed uninteresting to us given that Ivanti stated that it was an authenticated vulnerability. Shortly after on September 13, 2024, the vulnerability was added to CISA’s Known Exploited Vulnerabilities (KEV). Given it was now exploited in...
Read More

CVE-2023-28324 Deep Dive: Ivanti Endpoint Manager AgentPortal Improper Input Validation

Update: 2024-09-16 We initially wrote this post in reference to CVE-2024-29847, however this post actually describes CVE-2023-28324. We had incorrectly assumed that the SU5 update was comprehensive which resulted in us mistaking CVE-2023-28324 for CVE-2024-29847. The content of this blog has been updated accordingly. Introduction Ivanti Endpoint Manager (EPM) is an enterprise endpoint management solution that allows for centralized management...
Read More

Unveiling NodeZero Tripwires™: Horizon3.ai Enhances Penetration Testing with Integrated Threat Detection

Business Wire 09/10/2024 Horizon3.ai, a global leader in autonomous security solutions, today unveiled NodeZero Tripwires™, an addition to its product suite that integrates attack detection directly into the penetration testing process. This first-of-its-kind solution combines deception and detection technologies within NodeZero™ autonomous pentests to identify unauthorized access and malicious activities in real time. Read the entire article here
Read More