#watchtowr — Public Fediverse posts

watchTowr Active Defense delivers automated protection from exposure to defense https://www.helpnetsecurity.com/2025/12/09/watchtowr-active-defense/ #Industrynews #WatchTowr

Popular code formatting sites are exposing credentials and other secrets https://www.helpnetsecurity.com/2025/11/25/code-formatting-sites-exposing-secrets/ #Don'tmiss #WatchTowr #Hotstuff #dataleak #News

Monsta FTP Vulnerability Exposed Thousands of Servers to Full Takeover https://hackread.com/monsta-ftp-flaw-web-servers-open-server-takeover/ #Cybersecurity #Vulnerability #MonstaFTP #watchTowr #Security #RCE

CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073) https://www.helpnetsecurity.com/2025/10/21/cisa-warns-of-windows-smb-flaw-under-active-exploitation-cve-2025-33073/ #GuidePointSecurity #WindowsServer #Don'tmiss #Synacktiv #WatchTowr #Hotstuff #Windows #News #CISA #PoC

@hanno not unlikely, if you have an exploit to chain with it to dump something important to a file.
Have you read some of the recent #watchTowr posts ?

https://labs.watchtowr.com/well-well-well-its-another-day-oracle-e-business-suite-pre-auth-rce-chain-cve-2025-61882well-well-well-its-another-day-oracle-e-business-suite-pre-auth-rce-chain-cve-2025-61882/

Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882) https://www.helpnetsecurity.com/2025/10/07/leaked-oracle-ebs-exploit-attacks-cve-2025-61882/ #Resecurity #Don'tmiss #datatheft #extortion #WatchTowr #Hotstuff #Mandiant #exploit #Oracle #News

Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035) https://www.helpnetsecurity.com/2025/09/26/fortra-goanywhere-zero-day-cve-2025-10035/ #enterprise #Don'tmiss #WatchTowr #Hotstuff #Fortra #Rapid7 #0-day #News

Commvault plugs holes in backup suite that allow remote code execution https://www.helpnetsecurity.com/2025/08/20/commvault-backup-suite-vulnerabilities-fixed/ #enterprise #government #Don'tmiss #Commvault #WatchTowr #Hotstuff #backup #News

SonicWall Urges Patch After 3 Major VPN Vulnerabilities Disclosed – Source:hackread.com https://ciso2ciso.com/sonicwall-urges-patch-after-3-major-vpn-vulnerabilities-disclosed-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #SonicWall #watchTowr #Hackread #security #DoS #RCE #SSL

SonicWall Urges Patch After 3 Major VPN Vulnerabilities Disclosed https://hackread.com/sonicwall-patch-after-3-vpn-vulnerabilities-disclosed/ #Cybersecurity #Vulnerability #SonicWall #watchTowr #Security #DoS #RCE #SSL

Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257) https://www.helpnetsecurity.com/2025/07/14/exploits-for-unauthenticated-fortiweb-rce-are-public-so-patch-quickly-cve-2025-25257/ #webapplicationsecurity #vulnerability #Don'tmiss #WatchTowr #Hotstuff #Fortinet #exploit #Rapid7 #News #PoC

Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777) https://www.helpnetsecurity.com/2025/07/08/cve-2025-5777-indicators-of-compromise/ #Horizon3ai #ReliaQuest #Don'tmiss #NetScaler #WatchTowr #Hotstuff #exploit #Citrix #News #PoC

PoC exploit for SysAid pre-auth RCE released, upgrade quickly! https://www.helpnetsecurity.com/2025/05/07/poc-exploit-for-sysaid-pre-auth-rce-released-upgrade-quickly/ #vulnerability #enterprise #Don'tmiss #WatchTowr #Hotstuff #SysAid #News #ITSM #SMBs #PoC

watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices https://hackread.com/watchtowr-exploits-target-sonicwall-sma-100-devices/ #Cybersecurity #Vulnerability #CyberAttack #SonicWall #watchTowr #Security #CISA

watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices – Source:hackread.com https://ciso2ciso.com/watchtowr-warns-of-active-exploitation-of-sonicwall-sma-100-devices-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #CyberAttack #SonicWall #watchTowr #Hackread #security #CISA

Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) https://www.helpnetsecurity.com/2025/04/24/critical-commvault-rce-vulnerability-fixed-poc-available-cve-2025-34028/ #dataprotection #vulnerability #Don'tmiss #Commvault #WatchTowr #Hotstuff #backup #News #PoC

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) https://www.helpnetsecurity.com/2025/03/21/nakivo-backup-replication-vulnerability-exploited-by-attackers-cve-2024-48248/ #disasterrecovery #vulnerability #enterprise #Don'tmiss #WatchTowr #Hotstuff #backup #NAKIVO #News #SMBs #MSP #PoC

Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) https://www.helpnetsecurity.com/2025/03/20/critical-veeam-backup-replication-rce-vulnerability-cve-2025-23120/ #VeeamSoftware #vulnerability #enterprise #Don'tmiss #WatchTowr #Hotstuff #backup #Rapid7 #News #SMBs #PoC

291: AWS, GCP and Azure eat KRO Are abandoned S3 buckets a problem? watchTowr Labs seems to think so… although Jonathan isn’t convinced. Join us for episode 291, as The Cloud Pod crew turns into a digital Goodwill. #watchTowr #thecloudpod #s3buckets https://www.thecloudpod.net/?p=20998

291: AWS, GCP and Azure eat KRO Are abandoned S3 buckets a problem? watchTowr Labs seems to think so… although Jonathan isn’t convinced. Join us for episode 291, as The Cloud Pod crew turns into a digital Goodwill. #watchTowr #thecloudpod #s3buckets https://www.thecloudpod.net/?p=20998

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms https://www.securityweek.com/abandoned-amazon-s3-buckets-enabled-attacks-against-governments-big-firms/ #ApplicationSecurity #abandoneddomains #WatchTowr #AWS

Historia o tym jak badacze bezpieczeństwa mogli przejąć infrastrukturę rządową i nie tylko – cudzymi rękami

O tym, że profesjonaliści zajmujący się bezpieczeństwem powinni z należytą dbałością weryfikować wykorzystywane narzędzia pisaliśmy już nie raz. Ostatnio temat ten został przytoczony omawiając przypadek domeny linpeas.sh. Dzisiaj znów wyciągniemy wnioski z cudzych błędów, a laboratoryjnym przykładem nie będą pentesterzy, a czarne kapelusze (ang. black hat). Jednak morał płynący z...

#WBiegu #Backdoor #Watchtowr #Websec

https://sekurak.pl/historia-o-tym-jak-badacze-bezpieczenstwa-mogli-przejac-infrastrukture-rzadowa-i-nie-tylko-cudzymi-rekami/

UK domain registry Nominet breached via Ivanti zero-day https://www.helpnetsecurity.com/2025/01/13/uk-domain-registry-nominet-breached-via-ivanti-zero-day-cve-2025-0282/ #Shadowserver #Don'tmiss #WatchTowr #Hotstuff #Mandiant #Nominet #Ivanti #0-day #News #CISA

Mitel MiCollab zero-day and PoC exploit unveiled https://www.helpnetsecurity.com/2024/12/05/mitel-micollab-zero-day-and-poc-exploit-unveiled/ #collaboration #enterprise #Don'tmiss #WatchTowr #Hotstuff #0-day #Mitel #News #CVE #PoC

watchTowr Finds New Zero-Day Vulnerability in Fortinet Products – Source: www.infosecurity-magazine.com https://ciso2ciso.com/watchtowr-finds-new-zero-day-vulnerability-in-fortinet-products-source-www-infosecurity-magazine-com/ #rssfeedpostgeneratorecho #InfoSecurityMagazine #InfosecurityMagazine #CyberSecurityNews #WatchTowr

87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) https://www.helpnetsecurity.com/2024/10/15/cve-2024-23113/ #vulnerability #Shadowserver #enterprise #Don'tmiss #WatchTowr #Hotstuff #Fortinet #FortiOS #News #CVE

watchTowr raises $19 million to accelerate global growth https://www.helpnetsecurity.com/2024/10/10/watchtowr-funding-19-million/ #Industrynews #WatchTowr

"We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI" -- watchTowr Labs

Quite alarming how little this field seems to have been researched. And bigger registrars are using hardcoded, outdated WHOIS server addresses.. Yikes!

Happy to hear that Let's Encrypt doesn't allow for validation of domains via WHOIS at least. But GlobalSign and others seemingly do..!

https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/

#watchtowr #labs #mobi #whois #rce #vulnerability #infosec #letsencrypt #ca #tls #ssl

Rogue #WHOIS server gives researcher superpowers no one should ever have
.mobi top-level-domain managers changed the location of its WHOIS server. No one got the memo.
It’s not every day that a #security researcher acquires the ability to generate counterfeit HTTPS certificates, track email activity, and execute code of his choice on thousands of servers—all in a single blow that cost only $20 and a few minutes to land.
https://arstechnica.com/security/2024/09/rogue-whois-server-gives-researcher-superpowers-no-one-should-ever-have/ #DNS #watchTowr

Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) https://www.helpnetsecurity.com/2024/06/25/cve-2024-5805-cve-2024-5806/ #securityupdate #file-sharing #enterprise #Don'tmiss #WatchTowr #Hotstuff #Progress #Rapid7 #News #MFT #PoC

PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577) https://www.helpnetsecurity.com/2024/06/13/cve-2024-4577-exploited/ #vulnerability #ransomware #Don'tmiss #WatchTowr #Hotstuff #Devcore #exploit #Imperva #Windows #News #CVE #PHP

[Перевод] CVE-2024-4577: Не может быть, PHP опять под атакой

Orange Tsai недавно запостил про «Одну из уязвимостей PHP, которая влияет на XAMPP, развернутый с настройками по умолчанию», и нам было интересно рассказать немного об этом. XAMPP - очень популярный способ администраторов и разработчиков развернуть Apache, PHP и множество других инструментов, и любая ошибка, которая может быть RCE в установке этого набора по умолчанию, звучит очень заманчиво. Где нашлась очередная уязвимость PHP? Читайте далее.

https://habr.com/ru/articles/820409/

#CVE20244577 #CVE #PHP #phpcgi #xampp #rce #watchtowr #уязвимости #уязвимости_php #уязвимость

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation https://www.helpnetsecurity.com/2024/04/17/cve-2024-3400-attacks/ #PaloAltoNetworks #securityupdate #vulnerability #enterprise #TrustedSec #Don'tmiss #GreyNoise #WatchTowr #Hotstuff #firewall #Volexity #exploit #News #PoC

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation https://www.helpnetsecurity.com/2024/04/17/cve-2024-3400-attacks/ #PaloAltoNetworks #securityupdate #vulnerability #enterprise #TrustedSec #Don'tmiss #GreyNoise #WatchTowr #Hotstuff #firewall #Volexity #exploit #News #PoC

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation https://www.helpnetsecurity.com/2024/04/17/cve-2024-3400-attacks/ #PaloAltoNetworks #securityupdate #vulnerability #enterprise #TrustedSec #Don'tmiss #GreyNoise #WatchTowr #Hotstuff #firewall #Volexity #exploit #News #PoC

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation https://www.helpnetsecurity.com/2024/04/17/cve-2024-3400-attacks/ #PaloAltoNetworks #securityupdate #vulnerability #enterprise #TrustedSec #Don'tmiss #GreyNoise #WatchTowr #Hotstuff #firewall #Volexity #exploit #News #PoC