You mentioned an "investigation," but I'm not seeing the details, analysis, or logical walk-through of an "investigation." I would also note that all the US Department of Energy Lab facilities and the EoE have a vulnerability reporting process. If you find something, report it.
I know this works from past "tripping over a risk" in a DoE facility, reporting it, and seeing it resolved ASAP.
If you are worried about the unpatched vulnerabilities, you can get details from the Shadowserver Dashboard (overview, not the specifics - subscribe your ASN, IPs, and domain to get your specifics).
For example, you can see who is still exposed to Fortinet CVE-2024-55591 here:
Terrifying
Aa
Bb
Cc
Dd
Ee
Ff
Gg
GANG
I think you will like this:
https://branislavradeljic.substack.com/p/what-does-chatgpt-prefer-democracy
Why do both of these articles exist with same or overlapping content but different titles?
https://cyberintel.substack.com/p/doge-exposes-once-secret-government
You mentioned an "investigation," but I'm not seeing the details, analysis, or logical walk-through of an "investigation." I would also note that all the US Department of Energy Lab facilities and the EoE have a vulnerability reporting process. If you find something, report it.
I know this works from past "tripping over a risk" in a DoE facility, reporting it, and seeing it resolved ASAP.
Suggestion: Limit your investigation to Shodan by using one lens on the exploration. Expand out. There are a suite of tools, all looking at that risk with different lenses. For example, plug the Shadowserver Foundation (www.shadowserver.org). Check out their public Dashboard (https://dashboard.shadowserver.org/) and some YouTube videos (https://www.youtube.com/@Shadowserver-Foundation).
If you are worried about the unpatched vulnerabilities, you can get details from the Shadowserver Dashboard (overview, not the specifics - subscribe your ASN, IPs, and domain to get your specifics).
For example, you can see who is still exposed to Fortinet CVE-2024-55591 here:
https://dashboard.shadowserver.org/statistics/combined/map/?map_type=std&day=2025-02-09&source=exchange&source=exchange6&source=http_vulnerable&source=http_vulnerable6&tag=cve-2024-55591%2B&geo=all&data_set=count&scale=log
https://www.linkedin.com/posts/andy-jenkinson-96210727_the-crumbling-digital-walls-of-power-are-activity-7294620008200953856-oz5W?utm_source=share&utm_medium=member_desktop&rcm=ACoAAAWIcJoBxM0byv5xOwZw3Y9dfgGOwEwRPfM
Also, please note, all IPv4 addresses above are Not Secure.