Skip to main content

The following enhancements and improvements are now available to Censys ASM and Search customers.

Censys ASM

  • Use CVE (Common Vulnerability and Exposures) risks in Censys ASM to identify software vulnerabilities in your attack surface and understand how critical and exploitable they are, enabling you to respond to the most important risks in your attack surface first and avoid chasing low-risk issues.
    • This release adds over 5,000 CVE risks to the ASM risk library.
    • Each CVE risk includes Known Exploited Vulnerability (KEV) information, Common Vulnerability Scoring System (CVSS) scores, and attack vector indicators.
    • When a new CVE is cataloged by the National Vulnerability Database (NVD), it becomes discoverable in Censys ASM alongside its CVSS score within 24 hours.
    • You can adjust the criteria for surfacing CVE risks in your ASM workspace. By default, only CVEs that meet the following criteria are included:
      • CVSS score High to Critical
      • Present in KEV catalog
      • Network Attack Vector
    • CVE risks are available to all ASM customers.
    • Learn more about CVE risks in ASM in the following video.

       

Rapid Response

The Censys Rapid Response team published information about and queries for the following issues and vulnerabilities:

New Protocols

Added support for the following protocols:

New Fingerprints

Added the following fingerprints:

Type

Name

Description

Query

software

AutoGPT

This is an AutoGPT Server.

Search Query

software

Ivanti Cloud Services Appliance

This is an Ivanti Cloud Services Appliance Server.

Search Query

software

Scope Sentry

This is a Scope Sentry Server.

Search Query

software

VMware vSphere

This is a VMware vSphere Server.

Search Query


 

I have noticed a CensysIO user popping in and out of my mumble server. How can I completely ban your service from entering my server? I set firewall rules to deny any connection from the IP addresses listed here, https://support.censys.io/hc/en-us/articles/360043177092-Opt-Out-of-Data-Collection, but I’m still getting the occasional drop-in.

Please stop.


I have noticed a CensysIO user popping in and out of my mumble server. How can I completely ban your service from entering my server? I set firewall rules to deny any connection from the IP addresses listed here, https://support.censys.io/hc/en-us/articles/360043177092-Opt-Out-of-Data-Collection, but I’m still getting the occasional drop-in.

Please stop.

Hey there, we’re taking a look at our scanner for mumble. Apologies for the inconvenience. Thanks for reporting this.