Mastodawn

Censys Feb 4, 2025

🚨 New threat: BADBOX botnet targets both off-brand and major Android devices, potentially with pre-installed malware. Over 190k infected, including high-end Yandex TVs. Learn how a suspicious SSL cert led to uncovering its infrastructure. https://censys.com/unpacking-the-badbox-botnet/ #threathunting #CensysResearch

Unpacking the BADBOX Botnet with Censys

Discover BADBOX, a new botnet pre-infecting Android devices—including TVs—via factory malware. Explore supply chain threats from one SSL certificate.

Censys

Censys Jan 24, 2025

Censys researchers tracking a recently disclosed zero-day vulnerability in Ivanti Connect Secure discovered hundreds of instances may have been compromised through exploits of CVE-2025-0282. Learn more: https://www.cybersecuritydive.com/news/ivanti-connect-secure-backdoors/738252/

#censysresearch

Attackers lodge backdoors into Ivanti Connect Secure devices

Shadowserver scans found 379 compromised Ivanti Connect Secure devices. Researchers said the situation is serious and likely impacts more organizations.

Cybersecurity Dive

Censys Jan 16, 2025

Despite law enforcement disruption, Volt Typhoon's activity continued through 2024; read more in our new blog: https://censys.com/will-the-real-volt-typhoon-please-stand-up/

#volttyphoon
#CensysResearch

Will the Real Volt Typhoon Please Stand Up?

Censys

Censys Oct 21, 2024

Healthcare’s digital transformation comes with consequences — as more systems become connected to the internet, the risk of exposing patient data increases. Our security researcher, Himaja Motheram sat down with @MedCityNews to discuss her latest findings: https://medcitynews.com/2024/10/cybersecurity-healthcare-2/

#CensysResearch

Nearly 7,000 US Healthcare Devices & Records Are Exposed to the Public Internet, Research Shows

New research shows that there are more than 14,000 unique IP addresses across the globe exposing patients’ potentially sensitive medical information on the public internet. Nearly half of these exposures are in the U.S.

MedCity News

Censys Oct 19, 2024

🖥️ "Healthcare organizations should prioritize removing public access to any DICOM systems entirely. Implementing firewalls and VPNs can create more secure access points." Check out our team's recent healthcare research in @HealthITNews: https://www.healthcareitnews.com/news/thousands-medical-devices-and-systems-pose-iot-security-risk

#CensysResearch

Thousands of medical devices and systems pose IoT security risk

Himaja Motheram, a security researcher, walks CISOs and other security leaders through the various weaknesses in healthcare and offers solutions to protect organizations and their data.

Healthcare IT News

Censys Oct 10, 2024

Censys examined the global external attack surface of publicly accessible medical devices and IoHT applications, uncovering legacy protocols, unauthenticated medical image databases, and data platforms with histories of exploited vulnerabilities. Read on: https://censys.com/state-of-internet-of-healthcare-things/

#CensysResearch

The Global State of Internet of Healthcare Things (IoHT) Exposures on Public-Facing Networks

Censys

Censys Oct 8, 2024

🩺 In addition to regular patch management and software updates, healthcare entities need to implement strong anti-phishing strategies to prevent widespread exploitation. Our Security Researcher Himaja Motheram & @ISMG_News discuss the current landscape: https://www.healthcareinfosecurity.com/feds-warn-health-sector-new-trinity-ransomware-threats-a-26468

#censysresearch

Feds Warn Health Sector of New 'Trinity' Ransomware Threats

Health sector entities have yet another ransomware group to worry about, warn U.S. federal authorities. Trinity, a relatively new sophisticated threat actor, is

Censys Sep 9, 2024

This week, a critical vulnerability in Veeam’s backup and replication software came to light and Censys has identified 2,833 potentially vulnerable instances. To learn more and get the details on patch recommendations, check out @HackRead: https://bit.ly/3ZgFLDm

#censysresearch

New Veeam Vulnerability Puts Thousands of Backup Servers at Risk - PATCH NOW!

Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News

Censys Aug 28, 2024

🔥#ICYMI: This week, our research team identified more than 160 exposed Versa Director devices still online - presenting a ripe attack surface for attackers. Check out the full findings in @SecurityWeek: https://www.securityweek.com/censys-finds-hundreds-of-exposed-servers-as-volt-typhoon-apt-targets-isps-msps/

#censysresearch

Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets ISPs, MSPs

Amidst Volt Typhoon zero-day exploitation, Censys finds hundreds of exposed servers presenting ripe attack surface for attackers.

SecurityWeek

Censys Aug 7, 2024

New Research: Censys finds more than 18,000 devices that are likely to control industrial systems in the U.S. and U.K. are exposed to the public Internet. Learn more about this breaking research and what it means for our critical infrastructure security: https://censys.com/research-report-internet-connected-industrial-control-systems-part-one

#censysresearch

Research Report: Internet-Connected Industrial Control Systems (Part One)

Censys finds that more than 18,000 devices that are likely to control industrial systems in the U.S. and U.K. are exposed to the public Internet. Learn more about this breaking research and what it means for our critical infrastructure security.

Censys