Forrester & Censys | Cybersecurity Predictions for 2021 | On-Demand Webinar | Stream Now!


Another Critical Exim Flaw, and How to Determine if You’re Affected

by Rachel Benson · September 30th, 2019

Exim, the widely used, open-source mail transfer agent (MTA), released an urgent security update regarding Exim versions, up to and including 4.92.2. The vulnerability (CVE-2019-16928) is a heap-based buffer overflow (memory corruption) issue in string_vformat defined in string.c file of the EHLO Command Handler component, allowing hackers to trigger a denial of service on a targeted Exim server using a specifically crafted line in the EHLO command.

More Than 4.5M Exim Instances Vulnerable to Remote Code Execution Attacks

by Sally Feller · September 9th, 2019

One of the most popular email servers disclosed a severe security bug today that warrants investigation. The official advisory from Exim (CVE-2019-15846), notes that “all versions up to and including 4.92.1” are affected by this vulnerability. We searched our data to better understand the scope of this issue and found around 4.5M Exim instances, running on around 2M IPs, are affected. All of these instances would need to patched or take offline to fully mitigate this issue.

New MySQL-Related Default Insecurity Affects 7500+ Apps

by Sally Feller · August 21st, 2019

A new MySQL-related default setting can cause some real headaches/insecurities. We wanted to quickly assess just how many hosts were affected by this issue so that our Enterprise customers could find insecure SphinxSearch hosts they own, including those that are in use within their organization.

New! Search Censys for Prometheus Endpoints

by Sally Feller · August 20th, 2019

Now you can easily search for exposed Prometheus endpoints in our IPv4 data set. Since these applications can lead to data loss if not properly secured, it’s important to find any that are still are the Internet that you and your team are no longer using so you’re not opening your organization up to unnecessary risk. We’ll walk you through how to find them in this article.

New Protocol: Find Exposed Kubernetes Components

by Sally Feller · August 13th, 2019

We’ve recently added a new protocol to our data set: Kubernetes. Now users can find all Kubernetes components exposed on the Internet. Since these open-source devops tools are often misconfigured, they are often targeted by attackers who want access into an organization.

Announcing Our Attack Surface Management Platform

by Sally Feller · August 5th, 2019

We’re excited to announce that our new enterprise security platform is in limited, closed beta! We plan to make Censys Platform, our first SaaS product, available to everyone in Fall 2019. Get more details and find out how Censys can help you get full visibility into your attack surface and monitor, track, and remediate threats to protect your organization.

Censys at Black Hat USA 2019

by Sally Feller · July 23rd, 2019

It’s our first year at Black Hat as an exhibitor and we can’t wait to see you all! Stop by our booth for a personalized demo of your attack surface, where we may find assets and infrastructure you weren’t aware were being used in your organization.

Around 9700 Microsoft Exchange Servers Affected by Privilege Escalation Vulnerability

by Sally Feller · July 17th, 2019

A new Microsoft Exchange Server CVE was recently reported that allows for an attacker to access email mailboxes of any user, if exploited. We’ll show you the results of our search for affected servers and provide a quick tutorial for how threat hunters and pentesters on how to use our data to find vulnerabilities.

A Chat with Our Amazing Interns

by Sally Feller · July 11th, 2019

Meet Ricky and Ben, the two interns we knew we needed on our team this summer at Censys. We wanted to get their feedback so far on working on the team and also highlight their work here so far.

Discover Your Potentially Vulnerable SMB Servers

by Sally Feller · June 12th, 2019

Censys recently added massive amounts of new Internet scan data about SMB ports. SMB is a good example of low-hanging fruit for attackers, because it’s a protocol used across many services and has a lengthy history of insecure configurations or implementation bugs.

Prevent Unnecessary Risk from pcAnywhere

by Sally Feller · May 21st, 2019

pcAnywhere is an insecure remote access application, but your employees may be using it without your knowledge. Find those instances in Censys and then provide employees with secure remote access alternatives so they can work remotely.

Around 1600 Sharepoint Servers Vulnerable to Attack

by Sally Feller · May 21st, 2019

A new security vulnerability leaves about 1600 Sharepoint servers open to attack. Explore how we tracked this CVE and see if your organization is affected.

How to Make Sure Your Elasticsearch Databases Aren’t Exposed

by Sally Feller · May 7th, 2019

Most organizations that use Elasticsearch databases use it to store business and customer information. It’s popular for web applications because it allows for easy ingestion and search, making powerful applications easy to develop. Use Censys to find out if your company is properly securing Elasticsearch databases.

Now Available: Maltego Integration for Censys Users

by Sally Feller · April 18th, 2019

We’re excited to announce that Censys users can now take advantage of the incredible power of Maltego’s visualization tools to help enrich and understand their assets. Using Censys with Maltego makes it easier for you to visualize vulnerabilities and complex relationships between digital assets.

Hunting for Threats: Coinhive Cryptocurrency Miner

by Sally Feller · April 10th, 2019

In this article, we’ll teach you how to think like threat hunters and use the open source tool YARA alongside Censys to find Coinhive, a cryptocurrency miner service.