Hello and welcome to the Thursday, January 12, 2020,

edition of the Santernut Storm Center's Stormcast.

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

You may have heard of the Sissar known-exploited Vulnerability's catalog or K KEB catalog. This is a catalog of

vulnerabilities which are known to be currently exploited and SISA publishes it of course with

its main focus on federal government to basically set guidelines as to what vulnerabilities

to prioritize when patching.

But the list is, of course, very useful for anybody else trying to find very risky systems in your network.

Problem is that, in particular, small business and such, don't necessarily may have the tools to scan your

network for these vulnerabilities.

So Jan went ahead and said, hey, Shodan already is detecting 44 out of the 870 vulnerabilities

in the KV catalog.

Why not let Shudan do to work?

And Jan adopted his tri-op tool to automatically query Shodan for a particular IP address

range to see if it detected any of these Eur systems being vulnerable to one of these 44 vulnerabilities.

Now, 44 out of 870 may not

sound like a huge number, but remember, if Shodang can detect them, then probably a lot of

attackers can detect them as well. So these are certainly the low-hanging fruit.

And out of these 870 high-pri high priority vulnerabilities, the highest high priority

vulnerabilities that you certainly need to address quickly. The tool that Jan wrote

triops is available via GitHub and more details and examples and how to use it can be found in

today's diary.

...