GreyNoise Tag Round Up | September 2 - 13

New Tags

MongoDB Crawler  [Intention: Unknown]

Apple iOS Lockdownd Crawler [Intention: Unknown]

HTTP Request Smuggling [Intention: Malicious]

  • This IP address has been observed attempting to smuggle HTTP requests, a method commonly used to bypass load balancer or proxy security restrictions.
  • Sources: PortSwigger, JFrog
  • See it on GreyNoise Viz

Gh0st RAT Crawler  [Intention: Malicious]

nJRAT Crawler  [Intention: Malicious]

Supervisor XML-RCE Attempt  [Intention: Malicious]

  • This IP address has been observed attempting to exploit CVE-2017-11610, a remote command execution vulnerability in Supervisor client/server.
  • Sources: NIST, Supervisor
  • See it on GreyNoise Viz

New Actor Tag

BLEXbot [Intention: Benign]