Horizon3.ai – Page 2 – WindowsTechs.com

Cisco Patches Two Dangerous Zero-Day Vulnerabilities

Posted on October 24, 2023 by Megan Crouse

The vulnerabilities, one of which was rated critical and one of which was rated highly severe, affect Cisco IOS XE software. Continue reading Cisco Patches Two Dangerous Zero-Day Vulnerabilities→

Posted on August 7, 2023 by Zeljka Zorz

Horizon3.ai researchers have published some details (but no PoC for now, thankfully!) about CVE-2023-39143, two vulnerabilities in PaperCut application servers that could be exploited by unauthenticated attackers to execute code remotely. But, they not… Continue reading PaperCut fixes bug that can lead to RCE, patch quickly! (CVE-2023-39143)→

Posted on June 13, 2023 by Zeljka Zorz

As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE vulnerability exploited by the Cl0p cyber extortion group to plunder confidential data. C… Continue reading PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)→

Posted on April 26, 2023 by Zeljka Zorz

An insecure default configuration issue (CVE-2023-27524) makes most internet-facing Apache Superset servers vulnerable to attackers, Horizon3.ai researchers have discovered. Administrators in charge of Apache Superset instances should check whether the… Continue reading Common insecure configuration opens Apache Superset servers to compromise→

Posted on April 25, 2023 by Zeljka Zorz

An unauthenticated RCE flaw (CVE-2023-27350) in widely-used PaperCut MF and NG print management software is being exploited by attackers to take over vulnerable application servers, and now there’s a public PoC exploit. About the vulnerability Ac… Continue reading PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)→

Posted on February 21, 2023 by Zeljka Zorz

Horizon3’s Attack Team has released a PoC exploit for CVE-2022-39952, a critical vulnerability affecting FortiNAC, Fortinet’s network access control solution. “Similar to the weaponization of previous archive vulnerability issues that allow arbit… Continue reading PoC exploit, IoCs for Fortinet FortiNAC RCE released (CVE-2022-39952)→

Posted on February 20, 2023 by Zeljka Zorz

Fortinet has dropped fixes for 40 vulnerabilities in a variety of its products, including two critical vulnerabilities (CVE-2022-39952, CVE-2021-42756) affecting its FortiNAC and FortiWeb solutions. Since cyberattackers love to exploit vulnerabilities … Continue reading Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952)→

Posted on January 17, 2023 by Zeljka Zorz

If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because Horizon3’s will be releasing technical details and a PoC exploit this week…. Continue reading PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)→

Posted on October 14, 2022 by Zeljka Zorz

Horizon3.ai researchers have released a PoC exploit for CVE-2022-40684, the authentication bypass vulnerability affecting Fortinet‘s firewalls and secure web gateways, and soon after exploitation attempts started rising. “[On Thursday], the… Continue reading Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount→

Posted on June 2, 2022 by Industry News

Horizon3.ai announced it has extended the capabilities of its NodeZero platform to include external penetration testing. With this enhancement, Horizon3.ai is the first autonomous penetration testing platform to offer organizations both internal and ex… Continue reading Horizon3.ai extends its NodeZero platform to include both internal and external penetration testing→