Ever curious about Internet Measurement and why it matters for security? You're in luck! Come check out Ariana Mirian (@[email protected])'s BSides Las Vegas talk later today on exactly that. Ground Truth at 3 PM!

“There’s no password. They are quite literally sitting on the public internet." Hundreds of digital systems used to control water, oil, agriculture and other US industries are vulnerable to outside interference over the open internet, Censys found. bloomberg.com/news/newslette…

Our researchers dove into the scope of the recent #DigiCert compliance issue, identifying top companies and industries affected. We see 26k+ impacted certs still in use on public-facing hosts - and nearly 99% have been revoked #CensysRapidResponse censys.com/the-digicert-d…

Catch Censys Principal Security Researcher Emily Austin today at 10:20 am in Business Hall Theater D as she discusses the mind-blowing magic of TLS certificates and why they're among the unsung heroes of cybersecurity! Don't miss it!

Exploited, public-facing assets are the top initial access vectors for #ransomware attacks according to the Cyentia Institute (Cyentia Institute). Learn how to take immediate action against the vulnerabilities ransomware groups will target with Censys ASM ➡️ cnys.io/wuguly

🚨 Microsoft has patched CVE-2024-38077, a critical RCE flaw in Windows Remote Desktop Licensing Service (CVSS 9.8). 79k instances exposed online. Apply patches immediately! #CVE #RCE #CensysRapidResponse censys.com/cve-2024-38077/

🚨 Security Advisory: A critical RCE vulnerability (CVE-2024-37287, CVSS 9.9) in Elastic Kibana could allow attackers to execute arbitrary code via ML and Alerting connectors. Patch now to secure your instances! #CensysRapidResponse censys.com/cve-2024-37287/

Every week we share useful and unique queries in the Censys Community Forum! This week we shared a query for locating hosts that have executable files in their index files. These hosts are worth a deeper look to determine what they're being used for. community.censys.com/search-q-a-7/c…

DigiCert's deadline for re-issuing revoked, improperly validated certificates was last Friday, yet Censys still detects 22.6k+ impacted certs on public-facing hosts as of yesterday—a ~14% drop from last week. Orgs may be facing challenges with cert management.

I'm extremely excited about presenting at Labscon this year and sharing the stage with Emily! We (GreyNoise , Censys) have been planning some research that will tell a fascinating story; the best part is that we, too, have yet to learn how it ends! labscon.io/speakers/glenn…

Censys is Hiring! Check out (and pass along!) our open roles on the Marketing Team at censys.com/careers to learn more! #HiringNow #infosecurity

🚨Exciting news! Censys partnered with C3SA Cyber Security Audit to enhance #cybersecurity for Canada’s public & private sectors. Together, we’re delivering high-fidelity, actionable intelligence to safeguard against cyber threats. #CriticalInfrastructure #Partnership #InternetIntelligence

Censys is Hiring! Check out (and pass along!) our open roles on the Product Team at censys.com/careers to learn more! #HiringNow #infosecurity

🚨 High-severity CVE-2024-39717 in Versa Director reportedly targeted by Volt Typhoon. Exploitation requires admin privileges, making it relatively challenging to exploit. Patch available: 🔧 censys.com/cve-2024-39717/

🔥#ICYMI: This week, our research team identified more than 160 exposed Versa Director devices still online - presenting a ripe attack surface for attackers. Check out the full findings in SecurityWeek: securityweek.com/censys-finds-h…

🚨 Advisory: Critical RCE vulnerability in Progress WhatsUp Gold (CVE-2024-4885) allows unauthenticated attackers to execute arbitrary code. Update to version 2023.1.3 immediately! #CensysRapidResponse censys.com/cve-2024-4885/

🚨 Moodle RCE Vulnerability (CVE-2024-43425) alert! Attackers can execute code via calculated questions. Update to 4.4.2, 4.3.6, 4.2.9, or 4.1.12 ASAP. 238,205 exposed Moodle instances detected by Censys. More info: censys.com/cve-2024-43425/ #CensysRapidResponse

New research from Global Resilience Federation finds manufacturers are top targets for #ransomware in 2024. Check out our latest blog for more insight and for manufacturing use case queries you can run to identify exposures: cnys.io/222dxq

Every week we post useful queries that you can start using immediately in our Community. This week we shared one for finding typosquatted domains - check it out here! community.censys.com/search-finding…

This week's cool query of the week is...in a script! You can use this script to identify newly-issued certificates that might be used to impersonate an organization. community.censys.com/search-finding…