The following enhancements and improvements are now available to Censys ASM and Search customers.

Censys ASM

• Updated the subject lines, visual styling, footers, and interactive components of email alerts sent from Censys ASM to provide a more consistent, descriptive, and accurate experience.
• Deployed an improvement to the domain lookup process to enhance the detection of domains associated with an organization’s attack surface.

Rapid Response

The Censys Rapid Response team published information about and queries for the following issues and vulnerabilities:

• The DigiCert DCV Bug: Implications and Industry Impact
  • Censys ASM customers can identify services that are actively using an impacted certificate within their workspaces by querying for the new low severity risk named “Certificate Affected by DigiCert July 2024 Revocation Incident”
  • Users of our Search feature can find hosts with affected certificates by querying labels=digicert-revoked-dcv. To refine the results for your specific domains, adjust this query to filter on services.tls.certificates.leaf_data.names.
• Jenkins arbitrary file read vulnerability through agent connections can lead to RCE (CVE-2024-43044)
  • Censys Search Query for all exposed Jenkins instances: services.software: (product: jenkins and product: jenkins)
    • Note that this does not pinpoint vulnerable versions.
  • Censys ASM query for potentially vulnerable Jenkins: risks.name="Jenkins Vulnerability iCVE-2024-43044]"

New Protocols

Added support for the following protocols:

• SER2NET
• NBD
• WEBLOGIC_T3
• SPICE
• ONVIF
• HIKVISION

New Fingerprints

Added the following fingerprints: