advanced persistant threats

Understanding Advanced Persistent Threats

What are Advanced Persistent Threats(APTs)?  Advanced persistent threats (APTs) are a type of cyber attack that poses a serious threat to organizations and individuals alike. In this article, we will delve into ...
webui.conf

Cisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting

| | Blog, Red Team
Introduction There has been a lot of news around the recent Cisco IOS XE vulnerabilities CVE-2023-20198 and CVE-2023-2073. Information about this vulnerability was first published by Cisco on October 16th, […] The ...
NextGen Mirth Connect Remote Code Execution Vulnerability (CVE-2023-43208)

NextGen Mirth Connect Remote Code Execution Vulnerability (CVE-2023-43208)

| | Blog, Disclosures, Red Team
Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability, CVE-2023-43208. If ...
VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs

VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs

| | Blog, Red Team
Introduction This report is a follow up to https://www.horizon3.ai/vmware-vrealize-log-insight-vmsa-2023-0001-technical-deep-dive/. Earlier this year we reported the technical details for VMSA-2023-0001 affecting VMware Aria Operations for Logs (formerly VMware vRealize Log Insight). […] The ...

Cisco IOS XE Web UI Vulnerability: A Glimpse into CVE-2023-20198

| | Blog, Red Team
Overview On Monday, 16 October, Cisco reported a critical zero-day vulnerability in the web UI feature of its IOS XE software actively being exploited by threat actors to install Remote […] The ...
SCCM Hierarchy Takeover

SCCM Hierarchy Takeover

One Site to Rule Them Alltl;dr:There is no security boundary between sites in the same hierarchy.When an administrative user is granted a security role in SCCM, such as Full Administrator or Infrastructure Administrator, ...
Reactive Progress and Tradecraft Innovation

Reactive Progress and Tradecraft Innovation

Detection as PredictionThe overarching goal of a security operations program is to prevent or mitigate the impact of an attacker gaining unauthorized access to an IT environment. In service of this mission, ...
wargames cybersecurity ransomware strategy breach prevention strategy cybersecurity

Leveraging Wargaming Principles for Cyberdefense Exercises

Wargames are an excellent way to ensure your cyberdefense plans are solid and your processes are current ...
Security Boulevard
Apache Superset Part II: RCE, Credential Harvesting and More

Apache Superset Part II: RCE, Credential Harvesting and More

| | Blog, Disclosures, Red Team
Apache Superset is a popular open source data exploration and visualization tool. In a previous post, we disclosed a vulnerability, CVE-2023-27524, affecting thousands of Superset servers on the Internet, that enables unauthorized ...