One of the most popular email servers disclosed a severe security bug today that warrants investigation. The official advisory from Exim (CVE-2019-15846), notes that “all versions up to and including 4.92.1” are affected by this vulnerability. We searched our data to better understand the scope of this issue and found around 4.5M Exim instances, running on around 2M IPs, are affected. All of these instances would need to patched or take offline to fully mitigate this issue.
A new MySQL-related default setting can cause some real headaches/insecurities. We wanted to quickly assess just how many hosts were affected by this issue so that our Enterprise customers could find insecure SphinxSearch hosts they own, including those that are in use within their organization.
Now you can easily search for exposed Prometheus endpoints in our IPv4 data set. Since these applications can lead to data loss if not properly secured, it’s important to find any that are still are the Internet that you and your team are no longer using so you’re not opening your organization up to unnecessary risk. We’ll walk you through how to find them in this article.
We’ve recently added a new protocol to our data set: Kubernetes. Now users can find all Kubernetes components exposed on the Internet. Since these open-source devops tools are often misconfigured, they are often targeted by attackers who want access into an organization.
We’re excited to announce that our new enterprise security platform is in limited, closed beta! We plan to make Censys Platform, our first SaaS product, available to everyone in Fall 2019. Get more details and find out how Censys can help you get full visibility into your attack surface and monitor, track, and remediate threats to protect your organization.
A new Microsoft Exchange Server CVE was recently reported that allows for an attacker to access email mailboxes of any user, if exploited. We’ll show you the results of our search for affected servers and provide a quick tutorial for how threat hunters and pentesters on how to use our data to find vulnerabilities.
Censys recently added massive amounts of new Internet scan data about SMB ports. SMB is a good example of low-hanging fruit for attackers, because it’s a protocol used across many services and has a lengthy history of insecure configurations or implementation bugs.
A new security vulnerability leaves about 1600 Sharepoint servers open to attack. Explore how we tracked this CVE and see if your organization is affected.
Most organizations that use Elasticsearch databases use it to store business and customer information. It’s popular for web applications because it allows for easy ingestion and search, making powerful applications easy to develop. Use Censys to find out if your company is properly securing Elasticsearch databases.
We’re excited to announce that Censys users can now take advantage of the incredible power of Maltego’s visualization tools to help enrich and understand their assets. Using Censys with Maltego makes it easier for you to visualize vulnerabilities and complex relationships between digital assets.
In this article, we’ll teach you how to think like threat hunters and use the open source tool YARA alongside Censys to find Coinhive, a cryptocurrency miner service.
Apache HTTP Web Server users should update their servers immediately to prevent critical security flaws for cloud and shared web hosting providers. Use Censys to find the Apache HTTP Web Servers your organization is using, even the ones you didn’t already know about, that are actually connected to the Internet, potentially vulnerable, and require patching.