security

📅 Kalender

< April 2026 >
Mo
Di
Mi
Do
Fr
Sa
So
123456789101112
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
security

5 Free Things for Everybody

von shodan07.08.2024

Here are some of the free services that Shodan provides that don’t require any payment, don’t require a Shodan account and don’t require an API key: 1. Vulnerability Information https://cvedb.shodan.io The CVEDB website lets you explore known vulnerabilities and provides a free API to quickly get vulnerability

Mehr lesen →
soc

MAR-10448362-1.v1 Volt Typhoon

06.02.2024

Notification This report is provided „as is“ for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked TLP:CLEAR–Recipients may share this information […]

Mehr lesen →
security

Deep Dive: Malware Hunter

von shodan14.01.2024

There are many ways to track command & control servers from bad guys but they often rely on looking for indicators in the service metadata (ex. certificate information). Around a decade ago we developed a novel technique to proactively find the infrastructure: Malware Hunter. Malware Hunter finds command & control

Mehr lesen →
security

Deep Dive: http.favicon

von shodan10.01.2024

Favicons are the small icons that you see in the browser tab next to the website title or in your bookmarks. For example, the Shodan logo on the left side of the browser tab is the favicon: They typically contain the logo of the company which gives them 2 functions:

Mehr lesen →
soc

MAR-10478915-1.v1 Citrix Bleed

21.11.2023

   Notification This report is provided „as is“ for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked TLP:CLEAR–Recipients may share this […]

Mehr lesen →
soc

MAR-10454006.r5.v1 SUBMARINE, SKIPJACK, SEASPRAY, WHIRLPOOL, and SALTWATER Backdoors

07.09.2023

   Notification This report is provided „as is“ for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked TLP:CLEAR–Recipients may share this […]

Mehr lesen →
soc

MAR-10430311-1.v1 Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475

06.09.2023

   Notification This report is provided „as is“ for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked TLP:CLEAR–Recipients may share this […]

Mehr lesen →
soc

Infamous Chisel Malware Analysis Report

31.08.2023

Infamous Chisel–A collection of components associated with Sandworm designed to enable remote access and exfiltrate information from Android phones. Executive Summary Infamous Chisel is a collection of components targeting Android devices. This malware is associated with Sandworm activity. It performs periodic scanning of files and network information for exfiltration. System and application configuration files are […]

Mehr lesen →
security

Changelog: www.shodan.io

von shodan30.08.2023

A few notable usability improvements to the IP information page: Web Technologies Web technologies are now grouped by categories and we show version information (if available). The information was always grouped in the underlying JSON and we now also show it that way on the website. Learn more about the

Mehr lesen →
security

Developer Access to Shodan Trends

von shodan21.08.2023

As a quick recap, Shodan Trends is a website that lets you see how the Internet has changed over time. For example, you can use it to see how exposed industrial control systems have been over the years: Up until now, the only option to download the information was to

Mehr lesen →