We walk through how to investigate this month’s Microsoft Windows Remote Desktop Gateway (RD Gateway) vulnerabilities with a system like Censys.
We’ve recently added a significant amount of data about 1000 additional ports that you can use to search for assets on uncommon ports. This Universal Internet Data Set data set, this new data set gives you more data about more things! Some of the new ports we’re scanning will help you find things like Kibana, Docker, Redis, and ElasticSearch, for example. To get the full list of these new protocols, head over to our technical documentation page.
Exim, the widely used, open-source mail transfer agent (MTA), released an urgent security update regarding Exim versions, up to and including 4.92.2. The vulnerability (CVE-2019-16928) is a heap-based buffer overflow (memory corruption) issue in string_vformat defined in string.c file of the EHLO Command Handler component, allowing hackers to trigger a denial of service on a targeted Exim server using a specifically crafted line in the EHLO command.
Censys now performs broad, lightweight scans on over 1,000 TCP/IP services and publishes a daily snapshot that includes the certificates and banners found on each host.