Category: watchTowr Labs

china, CISA, CVE, Cybercrime, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), edge devices, espionage, exploit, Exploits, firewall, firewalls, Global Security News, greynoise, GreyNoise IO, ivanti, known exploited vulnerabilities (KEV), Rapid7, Research, Technology, Threats, virtual private network (VPN), vulnerabilities, watchTowr Labs, zero days

Questions mount as Ivanti tackles another round of zero-days

May 28, 2025

Multiple attackers are raiding Ivanti customers’ systems again by exploiting a pair of closely intertwined vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) to achieve unauthenticated remote code execution. The software defects — CVE-2025-4427 and CVE-2025-4428 — were exploited as zero-days before Ivanti disclosed and patched the flaws. “We are aware of a very limited number…

Here’s all the ways an abandoned cloud instance can cause security issues

February 4, 2025

There is a line of thought among the public that “the internet is forever.” A security company published research Tuesday that showed why “forever” can be a security nightmare. Over the course of four months, cybersecurity researchers at watchTowr monitored and ultimately took control of what they referred to as “abandoned” digital infrastructure, focusing on…

Malicious hackers have their own shadow IT problem

January 8, 2025

Every chief information security officer worth their salt spends time thinking about the problem of shadow IT in their enterprise. Systems, hardware or infrastructure that might have been connected to your network years ago, for reasons no one can remember, were then summarily forgotten until years later when they become an entry point in a…