Industry Insights
How to Migrate AWS PostgreSQL RDS to Aurora Using Terraform
6 min read This summary covers key migration steps, Terraform integration, and strategies for handling costs and backups. The post How to Migrate AWS PostgreSQL RDS to Aurora Using Terraform appeared first ...
Evolving Threats from Within: Insights from the 2024 Data Exposure Report
In today’s hyper-connected world, insider-driven data loss remains a significant threat across industries. Despite the widespread implementation of traditional Data Loss Prevention (DLP) solutions, the latest insights from our 2024 Data Exposure ...
Are You Prepared for FedRAMP Rev. 5?
This year we joined other organizations in going through the FedRAMP Revision 5 transition project. If you’re unfamiliar, the Federal Risk and Authorization Management Program (FedRAMP) transitioned from using NIST 800-53 Revision 4 ...
CVE-2024-21893: Another Ivanti Vulnerability Exploited in the Wild. Verify with NodeZero Today!
On 22 January, Ivanti published an advisory stating that they discovered two new, high-severity vulnerabilities (CVE-2024-21888 and CVE-2024-21893) after researching previously reported vulnerabilities affecting Ivanti Connect Secure, Ivanti Policy Secure […] The ...
Gone Phishing: How an Intern’s Credentials can be a Gateway to Your Crown Jewels
“Who cares that the intern was phished during our phishing campaign? It’s an intern, they don't have access to anything important." The post Gone Phishing: How an Intern’s Credentials can be a ...
CVE-2024-23897: Check Critical Jenkins Arbitrary File Like Vulnerability Now!
On 24 January 2024, the Jenkins team issued a security advisory disclosing a critical vulnerability that affects the Jenkins CI/CD tool. Jenkins is a Java-based open-source automation server run by […] The ...
CVE-2024-0204: Check Critical Fortra GoAnywhere MFT Authentication Bypass with NodeZero™️ Now!
On 22 January, Fortra issued an advisory stating that versions of its GoAnywhere Managed File Transfer (MFT) product suffer from an authentication bypass vulnerability. The post CVE-2024-0204: Check Critical Fortra GoAnywhere MFT ...
NodeZero Updated With Attack Content for Critical Confluence RCE
On 16 January, Atlassian released a security advisory concerning CVE-2023-22527 that affects vulnerable out-of-date versions of Confluence Data Center and Server. The post NodeZero Updated With Attack Content for Critical Confluence RCE ...
Understanding the Actively-Exploited Ivanti CVE’s
Two recent Ivanti CVEs are being actively exploited by suspected nation-state threat actors. The post Understanding the Actively-Exploited Ivanti CVE’s appeared first on Horizon3.ai ...
Malicious Insiders: Definition, Motivation and Examples
Malicious insiders are only a small portion of threats that companies face today, but make no mistake: your company can lose hundreds of thousands of dollars because of one. According to the ...