New Research: Attack Surfaces in Healthcare from a Hacker’s Point of View - Download Now


Ready to Get

Contact Sales


Tracking RoamingMantis - Mobile Banking Threat

by Jose Nazario · April 1st, 2020

Let’s go threat hunting in Censys! In this case, we’re hunting for RoamingMantis, a mobile banking threat that affects users by altering local DNS settings for further endpoint abuse. DNS Changer malware isn’t new, but RoamingMantis is a new delivery vehicle.

Actually Helpful Security Tips To Actually Help Your Security Team

by Art Sturdevant · March 24th, 2020

There’s a good chance you’ve heard about COVID-19 and the global pandemic that’s been taking the world by storm. There’s also a good chance that you are, or know, an IT or Security professional that has had their world upended to support a 100% remote workforce that was otherwise non-existent a couple of weeks ago.

Probing the Xiongmai/HiSilicon SoC Vulnerability

by Jose Nazario · February 7th, 2020

News broke this week about a critical vulnerability in the firmware of certain HiSilicon-based devices running software from Xiongmai, including network video recorders, IP enabled cameras, and digital video recorders. At Censys, our extended dataset for enterprise customers, the Universal Internet Data Set (UIDS), has been scanning port 9530 for some time now and found 188,989 hosts with that port open.

Assessing January 2020's Windows Remote Desktop Web Access Vulnerabilities

by Rachel Benson · January 17th, 2020

We walk through how to investigate this month’s Microsoft Windows Remote Desktop Gateway (RD Gateway) vulnerabilities with a system like Censys.

Universal Internet Dataset Gives 20x More Visibility Into IPs Running Torrenting Services

by Morgan Princing · December 20th, 2019

Censys recently released the Universal Internet Dataset, which increases the number of ports scanned from 40 to 1045. This port coverage expansion provided far more visibility into the less visited areas of the internet. The services running on port 443, 80, and 21 provide valuable information, but are much more sterile compared to some of what we find on ports such as 5357 or 10554.

Find 35-50% More Hosts on 1000+ New Ports

by Rachel Benson · December 4th, 2019

We’ve recently added a significant amount of data about 1000 additional ports that you can use to search for assets on uncommon ports. This Universal Internet Data Set data set, this new data set gives you more data about more things! Some of the new ports we’re scanning will help you find things like Kibana, Docker, Redis, and ElasticSearch, for example. To get the full list of these new protocols, head over to our technical documentation page.

Introducing the Censys SaaS Platform

by Rachel Benson · October 29th, 2019

Censys is proud to announce the commercial availability and official launch of our new SaaS Platform, providing organizations a vast and complete inventory of all assets on the internet and enabling them to understand exposure and prevent breaches.

Another Critical Exim Flaw, and How to Determine if You’re Affected

by Rachel Benson · September 30th, 2019

Exim, the widely used, open-source mail transfer agent (MTA), released an urgent security update regarding Exim versions, up to and including 4.92.2. The vulnerability (CVE-2019-16928) is a heap-based buffer overflow (memory corruption) issue in string_vformat defined in string.c file of the EHLO Command Handler component, allowing hackers to trigger a denial of service on a targeted Exim server using a specifically crafted line in the EHLO command.

More Than 4.5M Exim Instances Vulnerable to Remote Code Execution Attacks

by · September 9th, 2019

One of the most popular email servers disclosed a severe security bug today that warrants investigation. The official advisory from Exim (CVE-2019-15846), notes that “all versions up to and including 4.92.1” are affected by this vulnerability. We searched our data to better understand the scope of this issue and found around 4.5M Exim instances, running on around 2M IPs, are affected. All of these instances would need to patched or take offline to fully mitigate this issue.

New MySQL-Related Default Insecurity Affects 7500+ Apps

by · August 21st, 2019

A new MySQL-related default setting can cause some real headaches/insecurities. We wanted to quickly assess just how many hosts were affected by this issue so that our Enterprise customers could find insecure SphinxSearch hosts they own, including those that are in use within their organization.

New! Search Censys for Prometheus Endpoints

by · August 20th, 2019

Now you can easily search for exposed Prometheus endpoints in our IPv4 data set. Since these applications can lead to data loss if not properly secured, it’s important to find any that are still are the Internet that you and your team are no longer using so you’re not opening your organization up to unnecessary risk. We’ll walk you through how to find them in this article.

New Protocol: Find Exposed Kubernetes Components

by · August 13th, 2019

We’ve recently added a new protocol to our data set: Kubernetes. Now users can find all Kubernetes components exposed on the Internet. Since these open-source devops tools are often misconfigured, they are often targeted by attackers who want access into an organization.

Announcing Our Attack Surface Management Platform

by · August 5th, 2019

We’re excited to announce that our new enterprise security platform is in limited, closed beta! We plan to make Censys Platform, our first SaaS product, available to everyone in Fall 2019. Get more details and find out how Censys can help you get full visibility into your attack surface and monitor, track, and remediate threats to protect your organization.

Censys at Black Hat USA 2019

by · July 23rd, 2019

It’s our first year at Black Hat as an exhibitor and we can’t wait to see you all! Stop by our booth for a personalized demo of your attack surface, where we may find assets and infrastructure you weren’t aware were being used in your organization.

Around 9700 Microsoft Exchange Servers Affected by Privilege Escalation Vulnerability

by · July 17th, 2019

A new Microsoft Exchange Server CVE was recently reported that allows for an attacker to access email mailboxes of any user, if exploited. We’ll show you the results of our search for affected servers and provide a quick tutorial for how threat hunters and pentesters on how to use our data to find vulnerabilities.

Ready to Get Started?

Get a real-time view of all your organization's assets so you can proactively prevent threats.