Now that you're (probably) working from home, have you checked to see what might be exposed to the internet on your home network? Check out what Censys can find about your IP address. We just put up https://me.censys.io, the super easy way to see what Censys knows about where you're connecting from. A quick click and poof, you'll see ports we found open, banners we grabbed, and more.
We walk through how to investigate this month’s Microsoft Windows Remote Desktop Gateway (RD Gateway) vulnerabilities with a system like Censys.
We’ve recently added a significant amount of data about 1000 additional ports that you can use to search for assets on uncommon ports. This Universal Internet Data Set data set, this new data set gives you more data about more things! Some of the new ports we’re scanning will help you find things like Kibana, Docker, Redis, and ElasticSearch, for example. To get the full list of these new protocols, head over to our technical documentation page.
Exim, the widely used, open-source mail transfer agent (MTA), released an urgent security update regarding Exim versions, up to and including 4.92.2. The vulnerability (CVE-2019-16928) is a heap-based buffer overflow (memory corruption) issue in string_vformat defined in string.c file of the EHLO Command Handler component, allowing hackers to trigger a denial of service on a targeted Exim server using a specifically crafted line in the EHLO command.
Censys indexes TLS certificates associated with hosts and services and also tracks a few specific vulnerabilities, which means you can use it to find outdated, insecure devices and certificates in your organization. We’ll take you through a few of those searches, related to TLS.
Censys now performs broad, lightweight scans on over 1,000 TCP/IP services and publishes a daily snapshot that includes the certificates and banners found on each host.