Summary: RedHunt Labs conducted an extensive analysis of billions of IP addresses focusing on port 80 to enhance their Attack Surface Management platform, revealing critical insights into online security. The findings highlight significant gaps in HTTPS adoption and the diversity of web server configurations across the internet.
Threat Actor: N/A | N/A
Victim: N/A | N/A
Key Point :
- Approximately 42 million IPs were found with port 80 open, indicating a large surface area for potential vulnerabilities.
- Only 12.8% of hosts with port 80 implemented secure redirection to HTTPS, leaving many connections vulnerable.
- Amazon Trust Services was the leading issuer of SSL certificates, but older ciphers remain in use, highlighting security concerns.
- Nginx and Apache were the most popular web servers, with a significant number of hosts on AWS infrastructure.
- Analysis of favicons revealed a diverse range of services exposed online, including security devices and cameras.