watchTowr
@watchtowrcyber
Followers
3,693
Following
12
Media
37
Statuses
157
Your very own APT group, in an Attack Surface Management solution.
Joined November 2020
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Iran
• 530377 Tweets
Argentina
• 455031 Tweets
Kyle
• 288055 Tweets
Shapiro
• 255222 Tweets
Sunderland
• 177489 Tweets
オフサイド
• 119815 Tweets
Francia
• 103415 Tweets
#ErdoğanınYanındayız
• 96797 Tweets
Mascherano
• 76049 Tweets
Emily
• 74124 Tweets
pastor
• 68819 Tweets
Julian
• 64314 Tweets
Ron Paul
• 50923 Tweets
Adele
• 48713 Tweets
İsrail
• 41350 Tweets
BAUTISTA EN EL GRAN REX
• 37536 Tweets
Angola
• 37203 Tweets
残高不足
• 30668 Tweets
Fresh News for $XRP Holders
• 24185 Tweets
準々決勝進出
• 21606 Tweets
ムビチケ
• 20123 Tweets
ロッキン
• 19580 Tweets
FGOフェス
• 19470 Tweets
Otamendi
• 18483 Tweets
Zenón
• 17961 Tweets
#SmackDown
• 17522 Tweets
Simeone
• 17326 Tweets
Gabriel Sara
• 16670 Tweets
Aerosmith
• 16366 Tweets
Almada
• 14956 Tweets
Grant Fisher
• 12170 Tweets
Echeverri
• 11959 Tweets
バス会社
• 10362 Tweets
Pinned Tweet
we're hiring globally, on our crusade to hack the planet
0
9
46
speak soon.
CVE-2024-4577, Argument Injection in PHP-CGI
8
189
926
Here's our PoC for the Connectwise ScreenConnect Auth Bypass:
The vuln is the definition of trivial and thus we won't release any analysis. Not sure what we would share - "Add a / and you too can pwn the world"?
7
83
254
Another week, another SSLVPN RCE - this time, it's CVE-2024-3400 in Palo Alto's GlobalProtect.
But, we've seen no public analysis 🙁 so, allow us..
8
102
253
we are truly shocked to hear about a CVSS 10.0 vuln in ConnectWise
shocked
4
44
236
Progress just un-embargoed a very closely guarded auth bypass in MOVEit Transfer's SFTP mechanism - CVE-2024-5806.
We were lucky enough to receive a tip-off :-) Enjoy our analysis, we had a lot of fun.
7
85
185
we've released our analysis of
#xortigate
or CVE-2023-27997!
(sorry for reusing the meme, we just love it)
#fortinet
#cve
#vulnresearch
#attacksurfacemanagement
3
83
179
yes you read it right - trying to reproduce this weeks Ivanti CVEs has led us into further 0days on a fully patched Ivanti SSLVPN device
We’ll report; but our 90 day policy will restrict any further sharing
11
61
178
it's not Friday, but it's def Nday - ha ha ha 🫠
Check Point's very friendly 'info disclosure' needed a little bit of attention, and thus we've flung our analysis onto the Internet for CVE-2024-24919 - enjoy!
3
57
159
QNAP QTS - QNAPping At The Wheel (CVE-2024-27130 and friends)
happy Friday, with QNAP RCE 0dayz. Enjoy our analysis of the first (
#1
) of 15 bugs :pPpppPPpPp
1
59
122
🚀Ivanti Connect Secure CVE-2024-22024
we've released our watchTowr Labs blog post, containing a little bit of commentary, our analysis, and an unweaponized reproducer for this vulnerability.
Enjoy the read, we're excited to share more research soon!
6
55
109
Today, we take on IBM - discussing unauth Remote Code Execution vulns we recently disclosed in IBM's Operational Decision Manager
These bugs, and their PoCs, require more letters than the mighty '/' - but hopefully still an enjoyable read
More soon....
3
38
88
🚀 We have reproduced both in-the-wild exploited Ivanti zero-days (CVE-2023-46805 & CVE-2024-21887) 🥷
We've released some of our research in this blogpost - but rest assured, full exploit chain details are heavily redacted (for now) 🙂
0
36
79
Join us on our recent journey, exploiting unauthenticated AJP smuggling vulnerabilities in IBM's QRadar - with included detection artefactor generator tools :-)
Who needs XZ backdoors?????
#attacksurfacemanagement
2
24
50
we're back - causing trouble with more enterprise-grade firewalls :-) join us on the journey...
1
12
42
Full-disclosure works.
"Moving forward, for vulnerabilities triaged as High or Critical severity, we commit to completing remediation and releasing fixes within 45 days. " 🫡
0
3
33
The world is ablaze with discussions around the recently revealed Exim 0days.
What's going on, is the sky falling? Are there really 3.5 million Exim servers vulnerable? Let's tackle each bug in turn and see.
A thread.. 1/N 🧵
1
12
34
We’re thrilled to welcome our newest watchTowr Labs member,
@SinSinology
🚀
The mayhem will continue until the planet is hacked 🫡
0
4
32
🚀 chaining a few 'medium' severity vulnerabilities to achieve unauthenticated RCE on Juniper devices..
0
12
31
we're back, cooking up a storm 👩🍳 👨🍳 🍳
Form Tools Remote Code Execution: We Need To Talk About PHP
#attacksurfacemanagement
#vulnresearch
#watchtowr
0
16
31
a good time to mention - we're hiring Vuln Researchers to join our watchTowr Labs team in SG and UK, to do 0day/Nday research that goes into our ASM product and sometimes on our blog.
No shady vuln sales here.
2
8
28
nevermind sorry, it's just more Ivanti 0day on a fully patched appliance - no reproducer yet 😢
1
8
25
something something sophistication levels only achievable by a nation-state something something string concat command injection something something
3
3
25
We would like to take this opportunity to highlight the obvious
If we did this, who else did this
0
6
22
we spent some time looking for 0days in yet another SSLVPN device - SonicWall's NSv! Follow along on the journey with the watchTowr Labs team... 🚀
#sonicwall
#vulnresearch
#attacksurfacemanagement
0
8
21
what's that sound? is it the sound of another earth-shattering world-ending single-character PoC? or is it a new watchTowr Labs blogpost?
let's see...
2
3
20
Detection artefact generator tooling is here:
0
5
19
“hear me out…. if we release more PoCs…. then we can get more bones…”
1
1
18
🫡 join watchTowr Labs on our latest adventure into OpenCMS - today though, we take a detour to attack exploitable dependencies 🚀
Dive into our technical analysis, our analysis approach, and PoCs 🙂
0
5
19
watchTowr is expanding globally!
@_bytefantastic
and
@inkmoro
have joined our Europe Labs team, based in the UK, and are visiting the Singapore team this week!
🚀🚀🚀🚀🚀🚀🚀🚀🚀🚀
1
4
18
reporters, please stop emailing us to ask who d4v1d_bl41ne is - it’s a joke
2
2
17
a healthy obsession with SSLVPNs, memes, and trolling are good-to-haves
0
0
17
Our brief technical analysis of the sky-is-falling
#exim
#0days
is now live 🚀
Read along with the
@watchtowrcyber
Labs team to understand CVE-2023-42115!
#attacksurfacemanagement
#vulnresearch
#watchtowr
The world is ablaze with discussions around the recently revealed Exim 0days.
What's going on, is the sky falling? Are there really 3.5 million Exim servers vulnerable? Let's tackle each bug in turn and see.
A thread.. 1/N 🧵
1
12
34
0
4
14
🚀 back in September, while analysing Juniper n-days, we stumbled into... more
Read our latest dive into Juniper code, where we discuss the unauthenticated file read > root password hash disclosure vulnerability that we discovered in Juniper J-Web
1
12
14
When software is introduced as the solution used by “Enterprises and Governments” worldwide - naturally, attention is drawn 😀
Join us on our journey to RCE in Orbeon Forms
0
6
14
we are serious - come join us hack the planet
a good time to mention - we're hiring Vuln Researchers to join our watchTowr Labs team in SG and UK, to do 0day/Nday research that goes into our ASM product and sometimes on our blog.
No shady vuln sales here.
2
8
28
0
2
12
@x1m_martijn
There are credits all over our Twitter, blogpost and GitHub repo to
@orange_8361
for this vuln 🫡
2
0
10
we've now published our technical analysis!
1
4
8
as always; our clients - users of the watchTowr Platform, our ASM and CART technology - benefit from early identification of vulnerable appliances across their attack surface so that proactive actions can be taken
0
0
9
🚀 our analysis of GitLab's Arbitrary File Read (CVE-2023-2825), including PoC is out!
#CVE20232825
1
4
8
is the curl CVE-2023-38545 as bad as suggested?
No. No, it's not.
Read our rapid analysis to understand more, and see which stars need to align for this vulnerability to be real-world-usable.
0
3
8
🥷 we're growing watchTowr Labs - we're on the hunt for a Principal Vulnerability Researcher!
A pure research role - focused on analysing N-day and discovering 0-day vulnerabilities - full-time. 👊
0
6
5
VPN appliance security leaves a lot to be desired. We've blogged some of our recent experiences and shared some thoughts on this sorry state of affairs.
#attacksurfacemanagement
#vulnresearch
0
2
5
🎄 from the watchTowr team, we wish everyone a happy Christmas and a fantastic New Year!
May your 2024 be full of shells, pwnage and 0dayzz
We're looking forward to continuing the mayhem... see you in January! 🫡
0
2
5
🚨 it all begins again - there is a new in-the-wild Ivanti SSLVPN vulnerability being exploited
Ivanti have updated their original vulnerability knowledge base article to add further vulnerabilities, inc an active ITW SSRF vulnerability being used to bypass authentication
1
1
5
"At this point, we're onto something - we have an arbitrary value in the shape of a filename being injected into a shell command. Are we on a path to receive angry tweets again?"
0
1
4
🚨 we have confirmed and reproduced the rumoured Fortinet FortiGate RCE that is embargoed until the 13th, discovered by Olympe Cyberdefense. Please patch ASAP.
1
3
4
we're hiring! come and join an incredible phorce of nature as we progress on our world domination mission 🚀
if any of the roles in the picture interest you, please check out the JDs at 💪
0
5
3
@GelosSnake
@ManishNeupane03
sir, the SSLVPN world moves too fast to think about vulnerabilities in terms of years
1
0
2
🥷 we've reproduced and confirmed both the triviality and impact of the CVE-2023-35078.. please patch your Ivanti/MobileIron appliances.. 😰
#attacksurfacemanagement
#vulnresearch
#ivanti
#mobileiron
#cve202335078
0
1
2
🚀 The countdown begins - just 3 days to go until 44CON!
We are thrilled to be sponsoring 44CON this year and we can't wait to see everyone there 🥳
We have a lot of watchTowr t-shirts to give away; please don't leave us with any! 😀
#attacksurfacemanagement
#44con
#london
0
1
2
📦 We’re back, in part 3 of our series on discovering Docker secrets 🚀
@AlizTheHax0r
lays out the overall architecture of the system used to ingest over 22,000 Docker containers:
#cybersecurity
#continuousautomatedredteaming
#attacksurfacemanagement
0
1
2
First, let's look at the 'worst' - CVSS 9.8, CVE-2023-42115. Whoa! Scary. It's an out-of-bounds write that can lead to RCE. But hang on, there's a huge caveat - it only affects 'external' authentication. If you're not using that, no need to worry.
1
0
1
Customers of the watchTowr Platform benefited from a rapid response to this weakness more than 12 hours ago as part of our global and 24/7 Rapid Reaction capabilities.
0
0
1