WatchTowr - Security Ticks

Mitel MiCollab zero-day and PoC exploit unveiled

0-day, collaboration, CVE, Don't miss, enterprise, Hot stuff, Mitel, News, PoC, WatchTowr / SecurityTicks

Mitel MiCollab zero-day and PoC exploit unveiled 2024-12-05 at 16:32 By Zeljka Zorz A zero-day vulnerability in the Mitel MiCollab enterprise collaboration suite can be exploited to read files containing sensitive data, watchTowr researcher Sonny Macdonald has disclosed, and followed up by releasing a proof-of-concept (PoC) exploit that chains together this zero-day file read vulnerability […]

React to this headline:

Mitel MiCollab zero-day and PoC exploit unveiled Read More »

87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)

CVE, Don't miss, enterprise, Fortinet, FortiOS, Hot stuff, News, Shadowserver, vulnerability, WatchTowr / SecurityTicks

87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) 2024-10-15 at 14:49 By Zeljka Zorz Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming that it’s being leveraged by attackers in the

React to this headline:

87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) Read More »

watchTowr raises $19 million to accelerate global growth

Industry news, WatchTowr / SecurityTicks

watchTowr raises $19 million to accelerate global growth 2024-10-10 at 15:31 By Industry News watchTowr announced a $19 million Series A funding round led by Peak XV, formerly known as Sequoia India & Southeast Asia, with repeat participation from Prosus Ventures and Cercano Management. The company will use the funds to capture market leadership and

React to this headline:

watchTowr raises $19 million to accelerate global growth Read More »

Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)

backup, Censys, Code White, CVE, Don't miss, enterprise, Hot stuff, News, Veeam Software, vulnerability, WatchTowr / SecurityTicks

Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) 2024-09-09 at 14:46 By Zeljka Zorz CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Discovered and reported by Code WHite researcher Florian Hauser, the vulnerability can be leveraged for

React to this headline:

Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) Read More »

Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)

Don't miss, enterprise, file-sharing, Hot stuff, MFT, News, PoC, Progress, security update, WatchTowr / SecurityTicks

Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) 2024-06-25 at 21:16 By Zeljka Zorz Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software product. According to WatchTowr Labs researchers, the company has been privately instructing users to implement the hotfixes before

React to this headline:

Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) Read More »

PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577)

CVE, Devcore, Don't miss, exploit, Hot stuff, Imperva, News, PHP, Ransomware, vulnerability, WatchTowr, Windows / SecurityTicks

PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577) 2024-06-13 at 15:01 By Zeljka Zorz An OS command injection vulnerability in Windows-based PHP (CVE-2024-4577) in CGI mode is being exploited by the TellYouThePass ransomware gang. Imperva says the attacks started on June 8, two days after the PHP development team pushed out fixes, and one

React to this headline:

PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577) Read More »

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919)

0-day, Check Point, CISA, CVE, Don't miss, enterprise, Hot stuff, News, Rapid7, WatchTowr / SecurityTicks

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919) 2024-05-31 at 14:32 By Zeljka Zorz Attackers have been exploiting CVE-2024-24919, a zero-day vulnerability in Check Point Security Gateways, to pinpoint and extract password hashes for local accounts, which they then used to move laterally in the target organizations’ network. “The vulnerability is particularly critical

React to this headline:

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919) Read More »

15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130)

Don't miss, Hot stuff, NAS, News, PoC, QNAP, security update, vulnerability, WatchTowr / SecurityTicks

15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130) 2024-05-21 at 17:31 By Zeljka Zorz Researchers have found 15 vulnerabilities in QNAP’s network attached storage (NAS) devices, and have released a proof-of-concept for one: an unauthenticated stack overflow vulnerability (CVE-2024-27130) that may be leveraged for remote code execution. The vulnerabilities and the CVE-2024-27130

React to this headline:

15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130) Read More »

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation

Don't miss, enterprise, exploit, firewall, GreyNoise, Hot stuff, News, Palo Alto Networks, PoC, security update, TrustedSec, Volexity, vulnerability, WatchTowr / SecurityTicks

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation 2024-04-17 at 12:31 By Zeljka Zorz While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be as easy a disabling the devices’ telemetry, it has now been comfirmed that this mitigation is ineffectual. “Device telemetry does not need to be

React to this headline:

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation Read More »

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)

ConnectWise, Don't miss, exploit, Hot stuff, Huntress, MSP, News, Palo Alto Networks, PoC, remote access, remote management, Shadowserver, vulnerability, WatchTowr / SecurityTicks

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708) 2024-02-22 at 12:31 By Zeljka Zorz The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, CVE-2024-1708 for the path traversal flaw. ConnectWise has also released a newer version of ScreenConnect

React to this headline:

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708) Read More »

Juniper networking devices under attack

CISA, Don't miss, enterprise, exploit, firewall, Hot stuff, Juniper Networks, News, vulnerability, WatchTowr / SecurityTicks

Juniper networking devices under attack 14/11/2023 at 16:46 By Zeljka Zorz CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are not particularly severe by themselves, but they can be – and have been – chained

React to this headline:

Juniper networking devices under attack Read More »

Critical zero-days in Exim revealed, only 3 have been fixed

0-day, Don't miss, email security, Exim, Hot stuff, Linux, News, security update, Trend Micro, vulnerability disclosure, WatchTowr / SecurityTicks

Critical zero-days in Exim revealed, only 3 have been fixed 02/10/2023 at 17:03 By Zeljka Zorz Six zero-days in Exim, the most widely used mail transfer agent (MTA), have been revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday. Due to what seems to be insufficient information and poor communication, fixes for only three

React to this headline:

Critical zero-days in Exim revealed, only 3 have been fixed Read More »

PoC for no-auth RCE on Juniper firewalls released

Don't miss, exploit, Hot stuff, Juniper Networks, Junos OS, News, PoC, security update, vulnerability, WatchTowr / SecurityTicks

PoC for no-auth RCE on Juniper firewalls released 28/08/2023 at 13:32 By Zeljka Zorz Researchers have released additional details about the recently patched four vulnerabilities affecting Juniper Networks’ SRX firewalls and EX switches that could allow remote code execution (RCE), as well as a proof-of-concept (PoC) exploit. Junos OS vulnerabilities and fixes Earlier this month,

React to this headline:

PoC for no-auth RCE on Juniper firewalls released Read More »