Cisco Talos Honeypot Analysis Reveals Rise in Attacks on Elasticsearch Clusters
Tags
Common Information
| Type | Value |
|---|---|
| UUID | ad3b654e-9f19-425c-8c62-465df504ac6c |
| Fingerprint | 25b029958977870b |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Feb. 26, 2019, 1:02 p.m. |
| Added to db | Feb. 17, 2023, 11:44 p.m. |
| Last updated | Nov. 17, 2024, 12:58 p.m. |
| Headline | Cisco Talos Intelligence Blog |
| Title | Cisco Talos Honeypot Analysis Reveals Rise in Attacks on Elasticsearch Clusters |
| Detected Hints/Tags/Attributes | 51/1/52 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 15 | cve-2014-3120 |
|
| Details | CVE | 17 | cve-2015-1427 |
|
| Details | CVE | 56 | cve-2018-7600 |
|
| Details | CVE | 81 | cve-2017-10271 |
|
| Details | CVE | 13 | cve-2018-1273 |
|
| Details | Domain | 1 | uuu.sh |
|
| Details | Domain | 904 | snort.org |
|
| Details | sha256 | 1 | bbd6839074adea734213cc5e40a0dbb31c4c36df5a5bc1040757d6baec3f8415 |
|
| Details | sha256 | 1 | e2f1be608c2cece021e68056f2897d88ed855bafd457e07e62533db6dfdc00dc |
|
| Details | sha256 | 1 | 191f1126f42b1b94ec248a7bbb60b354f2066b45287cd1bdb23bd39da7002a8c |
|
| Details | sha256 | 1 | 2bcc9fff40053ab356ddde6de55077f8bf83d8dfa6d129c250f521eb170dc123 |
|
| Details | sha256 | 1 | 9a181c6a1748a9cfb46751a2cd2b27e3e742914873de40402b5d40f334d5448c |
|
| Details | sha256 | 1 | 5fe3b0ba0680498dbf52fb8f0ffc316f3a4d7e8202b3ec710b2ae63e70c83b90 |
|
| Details | sha256 | 1 | 7b08a8dae39049aecedd9679301805583a77a4271fddbafa105fa3b1b507baa3 |
|
| Details | sha256 | 1 | 7f18c8beb8e37ce41de1619b2d67eb600ace062e23ac5a5d9a9b2b3dfaccf79b |
|
| Details | sha256 | 1 | dac92c84ccbb88f058b61deadb34a511e320affa7424f3951169cba50d700500 |
|
| Details | sha256 | 1 | e5a04653a3bfbac53cbb40a8857f81c8ec70927a968cb62e32fd36143a6437fc |
|
| Details | sha256 | 1 | d3447f001a6361c8454c9e560a6ca11e825ed17f63813074621846c43d6571ba |
|
| Details | sha256 | 1 | 709d04dd39dd7f214f3711f7795337fbb1c2e837dddd24e6d426a0d6c306618e |
|
| Details | sha256 | 1 | 830db6a2a6782812848f43a4e1229847d92a592671879ff849bc9cf08259ba6a |
|
| Details | IPv4 | 1 | 45.76.122.92 |
|
| Details | IPv4 | 1 | 101.200.48.68 |
|
| Details | IPv4 | 1 | 117.205.7.194 |
|
| Details | IPv4 | 1 | 107.182.183.206 |
|
| Details | IPv4 | 1 | 124.43.19.159 |
|
| Details | IPv4 | 1 | 139.99.131.57 |
|
| Details | IPv4 | 1 | 179.50.196.228 |
|
| Details | IPv4 | 1 | 185.165.116.144 |
|
| Details | IPv4 | 1 | 189.201.192.242 |
|
| Details | IPv4 | 1 | 191.189.30.112 |
|
| Details | IPv4 | 1 | 192.210.198.50 |
|
| Details | IPv4 | 1 | 195.201.169.194 |
|
| Details | IPv4 | 1 | 216.15.146.34 |
|
| Details | IPv4 | 1 | 43.240.65.121 |
|
| Details | IPv4 | 1 | 45.76.136.196 |
|
| Details | IPv4 | 1 | 45.76.178.34 |
|
| Details | IPv4 | 1 | 52.8.60.118 |
|
| Details | IPv4 | 1 | 54.70.161.251 |
|
| Details | IPv4 | 1 | 139.159.218.82 |
|
| Details | IPv4 | 1 | 207.148.70.143 |
|
| Details | IPv4 | 1 | 202.109.143.110 |
|
| Details | IPv4 | 1 | 216.176.179.106 |
|
| Details | IPv4 | 1 | 125.231.139.75 |
|
| Details | IPv4 | 1 | 36.235.171.244 |
|
| Details | IPv4 | 1 | 121.207.227.84 |
|
| Details | IPv4 | 1 | 125.77.30.184 |
|
| Details | IPv4 | 1 | 104.203.170.198 |
|
| Details | IPv4 | 1 | 111.19.78.4 |
|
| Details | IPv4 | 1 | 15.231.235.194 |
|
| Details | IPv4 | 1 | 221.203.81.226 |
|
| Details | IPv4 | 1 | 111.73.45.90 |
|
| Details | Url | 1 | http://45.76.122.92:8506/iofoqigyc0zmf2ur/uuu.sh |