@zeroport0 profile picture
Zeroport @zeroport0

Non-IP Remote Access, Malware stays out- your data stays in.

Joined January 2026
  • Tweets 73
  • Following 93
  • Followers 9
13 Photos and videos
BeyondTrust PAM: public PoC to active ransomware in 24 hours. CVSS 9.9, pre-auth RCE. The pattern is not BeyondTrust. It is software-defined remote access itself. zeroport.com/blog/beyondtrus…

BeyondTrust CVE-2026-1731: PAM as a Ransomware Attack Path

BeyondTrust CVE-2026-1731 went from PoC to active ransomware exploitation in 24 hours. What CVSS 9.9 pre-auth RCE means for PAM buyers and remote access architecture.

zeroport.com
25
Zeroport retweeted
Yotam Gutman
@GutmanYotam
May 18
מחפשים שם חדש לקמפיין, קבוצת תקיפה או רושעה? קבלו את מג'נרט שמות הסייבר! cyberpros.co/
2
3
184
I'm excited to be speaking at Infosecurity Europe 2026, 2-4 June! Come see me and hundreds of other talks digging into the latest insights, with our shared goal of Building a Safer Cyber World. 🤝 #Infosec2026 #CyberSafe Here's the link to register: invt.io/1txbjbjk1pb

Connect with me at Infosecurity Europe 2026

Register now

invt.io
1
19
CISA CI Fortify asks OT operators to prove they have isolation capability. Most remote access can't satisfy it by design. Why: zeroport.com/blog/cisa-ci-fo…

CISA CI Fortify: Structural vs. Reactive OT Isolation

CI Fortify defines isolation as a core OT capability. Most remote access architectures satisfy it reactively. Fantom satisfies it by architecture.

zeroport.com
4
1/ CVE-2026-0300: pre-auth root RCE in PAN-OS. No patch until May 13. CISA added it to KEV on May 6. Here is why this keeps happening. 🧵
1
74
more replies
5/ The question is not when the next one appears. It will appear. The question is what architecture you build around that fact. Hardware that transmits only pixels has no software attack surface at the boundary. No CVE applies to a pixel channel.
1
24
6/ Full writeup on the CVE and the architecture argument: zeroport.com/blog/pan-os-cve…

CVE-2026-0300: PAN-OS Pre-Auth Root RCE | Zeroport

CVE-2026-0300 is an unauthenticated root RCE in PAN-OS. No patch until May 13. This is the latest in a pattern every security architect needs to understand.

zeroport.com
39
CVE-2026-0300: pre-auth root RCE in PAN-OS. No patch until May 13. BeyondTrust (Feb), Citrix (Mar), SonicWall (Apr), Palo Alto (May). This is the pattern. New post: zeroport.com/blog/pan-os-cve…

CVE-2026-0300: PAN-OS Pre-Auth Root RCE | Zeroport

CVE-2026-0300 is an unauthenticated root RCE in PAN-OS. No patch until May 13. This is the latest in a pattern every security architect needs to understand.

zeroport.com
105
Fortinet SSL-VPN stops getting patches on May 11. Four days left. Most migration conversations are asking the wrong question.
1
22
more replies
5/6 Path 3: Hardware-enforced access. No IP path into the network. No session token. Stolen credentials get an attacker pixels and a cursor. Not code execution. Not lateral movement. The attack class is gone, not relocated.
1
11
6/6 Full breakdown of all three paths and the one question worth asking before you pick one: zeroport.com/blog/fortinet-s…

Fortinet SSL-VPN End of Engineering Support May 2026: Migration Guide

Fortinet SSL-VPN End of Engineering Support lands May 11, 2026. No new security patches after that date. Three migration paths: upgrade within Fortinet, move to ZTNA, or move to hardware-enforced...

zeroport.com
1
Fortinet SSL-VPN stops getting patches on May 11. Before you migrate, ask one question: does the new product eliminate the attack class, or just move it? zeroport.com/blog/fortinet-s…

Fortinet SSL-VPN End of Engineering Support May 2026: Migration Guide

Fortinet SSL-VPN End of Engineering Support lands May 11, 2026. No new security patches after that date. Three migration paths: upgrade within Fortinet, move to ZTNA, or move to hardware-enforced...

zeroport.com
15
"Air-gapped remote access" is a term most vendors use incorrectly. An air gap means no network connection. Most products labeled "air-gapped" still create one — they just control it with software. New post on what air-gapped remote access actually requires lnkd.in/d-xS_kuV

LinkedIn

This link will take you to a page that’s not on LinkedIn

lnkd.in
1
1
91
VPN Credential Theft: Why Stolen Logins Have Become the Preferred Entry Point Into Enterprise Networks zeroport.com/blog/vpn-creden…

VPN Credential Theft and Abuse: How Attackers Log In Without Breaking In

Stolen VPN credentials drove 56% of ransomware deployments in Q1 2025. Learn how credentials are stolen, packaged, and sold, and why MFA and credential rotation do not solve the underlying architec...

zeroport.com
37
Load more