Exim, the widely used, open-source mail transfer agent (MTA), released an urgent security update regarding Exim versions, up to and including 4.92.2. The vulnerability (CVE-2019-16928) is a heap-based buffer overflow (memory corruption) issue in string_vformat defined in string.c file of the EHLO Command Handler component, allowing hackers to trigger a denial of service on a targeted Exim server using a specifically crafted line in the EHLO command.
One of the most popular email servers disclosed a severe security bug today that warrants investigation. The official advisory from Exim (CVE-2019-15846), notes that “all versions up to and including 4.92.1” are affected by this vulnerability. We searched our data to better understand the scope of this issue and found around 4.5M Exim instances, running on around 2M IPs, are affected. All of these instances would need to patched or take offline to fully mitigate this issue.
A new MySQL-related default setting can cause some real headaches/insecurities. We wanted to quickly assess just how many hosts were affected by this issue so that our Enterprise customers could find insecure SphinxSearch hosts they own, including those that are in use within their organization.
Now you can easily search for exposed Prometheus endpoints in our IPv4 data set. Since these applications can lead to data loss if not properly secured, it’s important to find any that are still are the Internet that you and your team are no longer using so you’re not opening your organization up to unnecessary risk. We’ll walk you through how to find them in this article.
We’ve recently added a new protocol to our data set: Kubernetes. Now users can find all Kubernetes components exposed on the Internet. Since these open-source devops tools are often misconfigured, they are often targeted by attackers who want access into an organization.
We’re excited to announce that our new enterprise security platform is in limited, closed beta! We plan to make Censys Platform, our first SaaS product, available to everyone in Fall 2019. Get more details and find out how Censys can help you get full visibility into your attack surface and monitor, track, and remediate threats to protect your organization.
It’s our first year at Black Hat as an exhibitor and we can’t wait to see you all! Stop by our booth for a personalized demo of your attack surface, where we may find assets and infrastructure you weren’t aware were being used in your organization.
A new Microsoft Exchange Server CVE was recently reported that allows for an attacker to access email mailboxes of any user, if exploited. We’ll show you the results of our search for affected servers and provide a quick tutorial for how threat hunters and pentesters on how to use our data to find vulnerabilities.
Meet Ricky and Ben, the two interns we knew we needed on our team this summer at Censys. We wanted to get their feedback so far on working on the team and also highlight their work here so far.
Censys recently added massive amounts of new Internet scan data about SMB ports. SMB is a good example of low-hanging fruit for attackers, because it’s a protocol used across many services and has a lengthy history of insecure configurations or implementation bugs.
pcAnywhere is an insecure remote access application, but your employees may be using it without your knowledge. Find those instances in Censys and then provide employees with secure remote access alternatives so they can work remotely.
A new security vulnerability leaves about 1600 Sharepoint servers open to attack. Explore how we tracked this CVE and see if your organization is affected.
Most organizations that use Elasticsearch databases use it to store business and customer information. It’s popular for web applications because it allows for easy ingestion and search, making powerful applications easy to develop. Use Censys to find out if your company is properly securing Elasticsearch databases.
We’re excited to announce that Censys users can now take advantage of the incredible power of Maltego’s visualization tools to help enrich and understand their assets. Using Censys with Maltego makes it easier for you to visualize vulnerabilities and complex relationships between digital assets.
In this article, we’ll teach you how to think like threat hunters and use the open source tool YARA alongside Censys to find Coinhive, a cryptocurrency miner service.