Yesterday, I noticed a new URL in our honeypots: /v5/device/heartbeat. But I have no idea what this URL may be associated with. Based on some googleing, I came across Balena, a platform to manage IoT devices [1]. Does anybody have any experience with this software and know what an attacker would attempt to gain from the URL above? Maybe just fingerprinting devices? I do not see recent vulnerabilities anywhere, but there is a good chance that vulnerable components are being used by the software.
Article Link: https://isc.sans.edu/diary/rss/30628