Release Notes
Our Release Notes provide a consolidated monthly summary of all the enhancements and updates delivered. These notes capture the culmination of continuous improvements we've made throughout the month, offering you a cohesive overview.
For real-time updates and the latest release information, please check the notifications directly within the portal.
2024.10
October Updates This spooky season brings no tricks—just a bag full of powerful new features and attack capabilities to strengthen your defenses! Check out the latest enhancements designed to keep your security strategy robust and ready.
- MFA-Protected Azure Credentials: NodeZero now supports injecting MFA-protected Azure credentials using Microsoft’s Device Code Flow.
- Tripwires for MSP Accounts: Tripwires is now available for MSP Client and Sub-Client accounts, with an improved alerting UX.
- Expanded Azure and AWS Attack Capabilities: New tools for Azure KeyVault pilfering, AWS Cognito misconfiguration exploitation, and enhanced privilege escalation detection in AWS environments.
- New Attack Content: Critical vulnerabilities added this month target Palo Alto, CloudStack, CUPS, Ruckus Wireless, AVTECH CCTV, Zimbra, CyberPanel, SharePoint, and more!
Check out the 2024.10 Details Page for all the details.
2024.09
September Updates As the crisp days of fall begin, we’re rolling out new features and powerful attack content to keep your cybersecurity strategies sharp. Check out the latest updates that will help fortify your defenses this month.
NodeZero Tripwires™
NodeZero Tripwires™ has been made Generally Available! See the Tripwires section for more information on this exciting new capability!
- 1CV Badge & Summary Table: Easily identify and track 1-Click Verify (1CV) pentests with new badges and summary tables.
- Enhanced Rapid Response Filtering: Improved tagging and filtering options make it easier to find relevant Rapid Response tests.
- Expanded Weaknesses CSV: Export more comprehensive data with new columns for Impact, Mitigations, and References.
- New Attack Content: This month’s attack content includes critical vulnerabilities affecting Ivanti, Sitecore, Apache Struts2, Mitel, Microsoft SQL Server Reporting Services, and more.
Check out the 2024.09 Details Page for all the details.
2024.08
August Updates As summer winds down and the back-to-school season kicks into gear, we're bringing you the latest updates to sharpen your cybersecurity defenses. Whether you're squeezing in last-minute summer adventures or prepping for a productive fall, these new features and attack content will help keep your organization safe and secure.
- Rapid Response Access for Team Members: Org Admins can now extend Rapid Response alert access to other team members, allowing for broader collaboration and faster reaction times.
- Co-Branding Sample Reports: New functionality for MSP/MSSP/C+ licenses allows for co-branding of sample operation reports, making it easier to align with your organization’s branding.
- AWS Pentest Enhancements: New Cloud Connection types, expiration settings, and improved capabilities for inspecting cloud resources.
- New Attack Content: This month’s attack content includes critical updates targeting vulnerabilities in SolarWinds Web Help Desk.
Check out the 2024.08 Details Page for all the details.
2024.07
July Updates As we celebrate the height of summer, we're excited to bring you an array of new features and enhancements to strengthen your cybersecurity defenses. Check out this month's updates, designed to empower your security strategies.
- NodeZero AWS Pentest: Introducing a comprehensive gray-box pentest utilizing a role with read-only permissions to assess the security of your AWS accounts.
- NodeZero Azure Entra ID Pentest: This new gray-box pentest uses an injected Entra ID credential and a privileged Active Directory credential to analyze attack paths in your hybrid environment. It includes an advanced configuration option for Entra ID App/Directory Role Privilege Escalation.
- New Pentest Setup Workflow: A revamped full-page UX for running pentests, allowing selection across four categories: Infrastructure Attack Surface, Identity Attack Surface, Operational Scenario Testing, and Rapid Response.
- Attack Content: Attack content affecting GeoServer, WhatsUp Gold, Palo Alto, OpenSSH, Cisco Smart Software Manager, and more!
- Added capabilities: Enhanced AWS analysis capabilities, including Lambda function code extraction and EC2 instance user data analysis.
Check out the 2024.07 Details Page for all the details.
2024.06
June Updates As summer brings longer days filled with sunlight, we are excited to introduce a wave of enhancements and new attack vectors to the NodeZero platform. Dive into our latest updates, designed to brighten your security outlook.
- AWS Canary Tokens Detection: Improved detection capabilities for AWS Canary Tokens to enhance accuracy and avoid false alerts.
- Office 365 Azure Token Pilfering: Expanding our RAT capabilities to capture Azure access tokens from Office 365 applications, potentially escalating to serious compromises.
- SolarWinds and Ubiquiti Exploits: New exploits for SolarWinds Serv-U and Ubiquiti UniFi Video vulnerabilities, targeting critical infrastructures.
- Enhanced Credential Leak Checks: Added sophisticated checks for exposed NTLM endpoints and a new classification for a Jupyter Windows Credential Leak.
- Rapid Response and CVE Exploits: Rapidly deploying tests for emerging threats such as PHP-CGI Command Injection and new exploits for Adobe Commerce, Telerik Report Server, and Veeam Backup.
- Additional Attack Content: This month's updates also feature new attack content targeting specific technologies including Ivanti Endpoint Manager, Apache HugeGraph, PHP-CGI, Jupyter, and Veeam Backup Enterprise Manager, enhancing our extensive coverage across a variety of critical systems.
Check out the 2024.06 Details Page for all the details.
2024.05
May Updates As May blossoms unfold, so do new features and updates in our platform, ensuring your cybersecurity is as vibrant and resilient as spring itself. This month, we've introduced several significant enhancements that will enrich your security measures and streamline your testing capabilities.
- Rapid Response Alert Center: Dive into proactive security with our newly launched Rapid Response Alert Center. It equips your organization with early alerts and actionable intelligence, enabling you to stay ahead of emerging threats.
- Phishing Pentest Enhancements: We've enhanced the Phishing Pentest Summary Page with new visual metrics and detailed mappings of phished credentials to their impacts, improving your insight into the phishing landscape.
- Template Management Enhancements: Experience greater flexibility in scheduling with our improved template management UI, now featuring customizable scheduling options.
- New Attack Content: Our attack repertoire has expanded with:
- Enhancements to our Remote Access Tool (RAT) capabilities.
- New exploits for vulnerabilities in Exchange, ColdFusion, FortiSIEM, and Traccar, bolstering our coverage and response to the latest threat vectors.
Check out the 2024.05 Details Page for all the details.
2024.04
April Updates April showers bring not just flowers, but also a deluge of enhancements to fortify your digital defenses! This month, we're rolling out new features designed to proactively empower your organization against the evolving threat landscape.
- Rapid Response Alert Center: Stay ahead of cyber threats with our new Rapid Response Alert Center. It provides early alerts and actionable intelligence, allowing you to proactively address vulnerabilities before they're exploited widely. This strategic addition is designed for real-time defense adjustments, ensuring you're always prepared.
- New Attack Content: Enhance your defense with our latest attack modules targeting:
- Progress Kemp LoadMaster for remote command execution.
- Entra Seamless SSO to forge Entra ID credentials.
- Azure Instance Metadata Service for querying sensitive data.
- AWS RDS databases to check and exploit default database credentials.
- GlobalProtect for critical infrastructure protection.
- MLFlow for targeting specific machine learning workflows.
- And more!
- Auto-injected Azure Credentials: Boost your Azure operations with auto-injected credentials now available for NodeZero scheduled pentests, enhancing both efficiency and security posture.
Check out the 2024.04 Details Page for all the details.
2024.03
March Updates March marches in with the promise of new growth and our commitment to continuous innovation. This month, we've cultivated a crop of robust features and enhancements aimed at strengthening your security landscape. Spring into action with our latest update highlights:
- Rapid Response Tests: Spring into action with our new Rapid Response tests, tailored to help you surgically test and verify the most critical and emerging vulnerabilities within your environment.
- New Attack Content: New content like the Fortinet FortiClient EMS SQL injection vulnerability that leads to remote code execution, and other high-profile CVEs.
- Template Management Page: Organize and streamline your attack templates with our newly designed template management UI.
- Active Directory Password Audit: Enhanced performance, now dumping NTDS secrets 10 times faster.
Check out the 2024.03 Details Page for all the details.
2024.02
February Updates Love is in the air, and so is the promise of enhancing cybersecurity with our February updates. This month, we're delivering a bouquet of new features and improvements, all designed to sweeten your security strategy. From user interface enhancements to testing your defenses from the attacker's perspective, let our latest offerings be your Valentine's gift from NodeZero.
- Sticky Table Headers: Navigate large data tables with ease, thanks to sticky headers that stay in view as you scroll.
- Dashboard Views: Customize your dashboard experience with new vertical and horizontal layout options, ensuring the most critical information is always where you need it.
- Cookie Consent for GDPR: Enhance user privacy with our updated cookie consent feature, now in compliance with GDPR.
- New Attack Content: Stay ahead of attackers with new attack modules, including CVEs targeting Ivanti Connect Secure, GitLab, ConnectWise SecureConnect, and more.
- Azure and AWS Enhancements: Gain deeper insights and control in cloud environments with our latest Azure user creation and AWS metadata service credential harvesting capabilities.
Check out the 2024.02 Details Page for all the details.
2024.01
January Updates As the new year begins amidst the quiet chill of winter, our team has ignited a beacon of innovation to heat up your security strategy. This January, we're rolling out powerful updates aimed at enhancing your cybersecurity posture. Embrace new beginnings and make a resolution to harden your infrastructure with our latest developments from the attacker's perspective!
- Phishing Impact Test: A significant leap forward with the launch of the Phishing Impact Test in NodeZero, enabling organizations to measure the potential impact of phishing with precision. See our phishing page here
- Attack Path Enhancements: Major improvements to Attack Paths, introducing a Vertical Display and Concise/Detailed views, for a clearer narrative on your security landscape.
- External Asset Discovery Updates: A series of updates to enhance the identification and management of external assets.
- New Attack Content: Expanding our arsenal with critical vulnerabilities targeting Ivanti Connect Secure VPN, Fortra GoAnywhere MFT, Apache OFBiz, Jenkins, and more, alongside inclusion of 21 vulnerabilities from the CISA KEV list.
Check out the 2024.01 Details Page for all the details.
2023.11
November Updates As November ushers in the crispness of late autumn, our team has been busy harvesting a rich array of updates and enhancements. This month, we present a bountiful selection of new features and refinements, each designed to fortify and streamline your security landscape. Step into November's technological cornucopia and explore what we've cultivated for you!
- New Attack Content: Attack content targeting Cisco IOS XE, Citrix NetScaler, Apache ActiveMQ, and Confluence.
- Cyanide Activity Identification: Enhanced NodeZero activity identification in logs with updated Cyanide, now including a static suffix 'H3N0' for simplified tracking.
- Azure Attack Flow Improvements: Strengthened Azure integration with the ability to use Azure Refresh and Access Tokens, streamlining the authentication process.
- Advanced Pentest Management: Introducing new functionalities like moving pentests between accounts and downloading key pentest data such as External IPs and AD Password Audit results in CSV format.
Check out the 2023.11 Details Page for all the details.
2023.10
October Updates As the nights grow longer and Halloween shadows creep in, we've conjured up a spellbinding set of updates for you this month. Like a cauldron brimming with potions, our platform brews with enhancements to bewitch and bolster your security endeavors. Dive in, if you dare!
- Credential Injection with Node Zero Runners: Node Zero Runners now support automatic credential injection for scheduled operations, requiring zero manual input post-setup. Especially useful for monthly Active Directory Password Audits, ensuring process adherence and catching overlooked policy errors.
- Revamped Fix Actions Report: The newly refreshed fix action report offers an intuitive table of contents and detailed insights, pinpointing affected hosts for each identified weakness. It's a consolidated resource for action-based insights.
- Enhanced Exposure Score Visibility: The pentest summary now displays an Overall Exposure Score, derived from a meticulous assessment of critical impacts, weaknesses, and data exposure. Improve your security by addressing these highlighted vulnerabilities.
Check out the 2023.10 Details Page for all the details.
2023.09
September Updates As the leaves turn golden and begin their descent, we're thrilled to unveil a flurry of fresh features this autumn. Just as trees are shedding layers, we added layers of innovation in September!
- Expanded Attack Content: New content for Citrix devices, Azure VM access, Adobe Coldfusion, advanced password spray, and more!
- Phishing Integration: Dive into NodeZero's brand-new test type and seamlessly integrate it with your Phishing campaigns.
- NodeZero Runner Resilience: Use
h3-cli
for effortless registration of your NodeZero Runner as a system service. - Enhanced Data Discovery: See "Protected Data" results during pentests for more insightful findings.
- Revamped Executive Summary: Discover our refreshed, intuitive design
Check out the 2023.09 Details Page for all the details.
2023.08
August Updates 🌞 As the summer sun continues to shine bright, so do our platform enhancements! We've brought in a fresh wave of updates this month, aiming to make your experience more seamless and engaging.
- Enhanced Proxy Support: Easier and more streamlined proxy configurations.
- Expanded Coercion Methods: New methods added to exploit PetitPotam vulnerabilities.
- Improved Single Sign-On (SSO) Experience: Open beta for paid accounts.
- Portal UI Updates: Introducing new color themes ("Modern" and "Light") and redesigned navigation bar for enhanced user interaction.
- Phishing Impact Test (Beta): Introducing new Phishing Impact Test to measure the impact of phishing attacks.
- Feature Additions: Added attack content for Juniper, cPanel, H2 Database, Adobe ColdFusion, and Metabase.
Check out the 2023.08 Details Page for all the details.
2023.07
The only thing hotter than July is all the new features. Here are some highlights:
- New/Updated Vulnerability Detections: Added several new detections and exploits for weaknesses.
- Password Spraying: Improved dynamic generation of weak passwords.
- External Host Discovery: Expanded NodeZero's coverage and accuracy for identifying hosts during external enumeration.
- Domain Controller Identification: Added better domain controller identification in adverse networks.
Check out the 2023.07 Details Page for all the details.
2023.06
Summer is here, along with a release packed with great new features! Here are a few highlights:
- Single Sign-On (SSO) Integration: Added support for Single Sign-On using OpenID Connect (OIDC).
- Password Audit Operations: Easily audit the strength and similarity of user passwords in your Active Directory environment.
- Remote Access Tool (RAT): NodeZero can now leverage detected weaknesses and vulnerabilities to deploy Remote Access Tools (RATs).
- Bulk Authorize External Assets: The External Assets page has improved ability to sort, filter, and bulk-authorize assets.
- NodeZero Runner Management: New Runner Management page improves visibility and control over your Runners.
- BloodHound Data Collection: NodeZero now collects BloodHound data during Pentest operations, which can be downloaded post-op.
Check out the 2023.06 Details Page for all the details.
2023.05
After the abundance of amazing attacks in April, we're thrilled to share even more May blooms with you! Here are some of the key highlights:
- Pentest Scheduling in the Portal: Say goodbye to manual configurations! You can now easily schedule future pentests and series of pentests directly in the Portal, streamlining your workflows. See the scheduling page for more information.
- VirtualHost Support for Kubernetes: NodeZero now supports VirtualHosts in Kubernetes modules, providing enhanced testing capabilities for containerized environments.
- Real-Time View Enhancements: Gain deeper insights with Real-Time View updates for External Pentests, including status updates for injected credentials. Stay on top of the progress with real-time information.
- Portal Login Enhancements: Experience enhanced authentication capabilities with a new Social Sign-In button for Microsoft/Azure.
- Attack Content Updates: As always, we're continually keeping NodeZero up-to-date with important exploits and attack techniques.
Check out the 2023.05 Details Page for all the details.
2023.04
This release packs in some great new features, including NodeZero Runners and the Network Enumeration operation type. A few highlights for this release include:
- Introduction of
NodeZero Runners
, which enable automated deployment of NodeZero without needed to copy-paste the curl script. - The
Network Enumeration
operation, the first of several Targeted Tests, which enables you to discover the attack surface of your internal network without identifying or exploiting vulnerabilities. - Added ability for users to inject credentials immediately after scheduling a pentest and while a pentest is paused
- Added new visualizations and filtering to the Hosts Page
- Enhanced password spray and password cracking routines to utilize usernames from breach data
- As always, we're continually keeping NodeZero up-to-date with important exploits and attack techniques.
Check out the 2023.04 Details Page for all the details.
2023.03
Spring is in the air, and with it comes the latest updates to NodeZero! March brings a fresh breeze of features and improvements to help your cybersecurity program bloom. Check out the highlights below, or view in detail on the March 2023 page.
- New user experience enabled by default!
- The new user experience is now enabled by default. Customers that had access to the old experience can still switch back for a limited time.
- As always, we're continually keeping NodeZero up-to-date with important exploits and attack techniques.
Check out the 2023.03 Details Page for all the details.
2023.02
This release is filled with amazing new capabilities and we are excited for you to use them
View the 2023.02 Details Page for detailed explanations, but here are some highlights:
- New User Experience: This is a whole new look and feel to the portal. We've revamped the executive summary and made it much easier to navigate through the results of your pentest
- Externally pentest IP Addresses: Available in the new user experience, you can now add IPs to the scope for an External pentest
- Pause and Resume pentest operations: Available in the new user experience, you can now pause and resume ops from the portal
- 1-Click-Verify multiple weaknesses at a time: Available in the new user experience
- H3 CLI: You can now schedule a pentest to run automatically on a recurring basis using the H3 CLI tool
And much more. Check out the 2023.02 Details Page for all the details.
2023.01
Happy New Year!
This month's release improves functionality in user interface and additional attack content including:
- VMware vRealize Log Insight VMSA-2023-0001
- Active Directory Certificate Services (ADCS) ESC8
- Additional Cloud Attack Content
- Multiple CISA KEVs
View the 2023.01 Details Page for detailed explanations, enhancements, and bugfixes!