all InfoSec news
SOC175 — PowerShell Found in Requested URL — Possible CVE-2022–41082 Exploitation
Jan. 13, 2024, 3:59 p.m. | Elnur Badalov
System Weakness - Medium systemweakness.com
SOC175 — PowerShell Found in Requested URL — Possible CVE-2022–41082 Exploitation
Event ID: 125
Platform: LetsDefend
Alert
EventID : 125
Event Time : Sep, 30, 2022, 07:19 AM
Rule : SOC175 - PowerShell Found in Requested URL - Possible CVE-2022-41082 Exploitation
Level : Security Analyst
Hostname : Exchange Server 2
Destination IP Address : 172.16.20.8
Log Source : IIS
Source IP Address : 58.237.200.6
Request URL : /@evil.com">autodiscover/autodiscover.json?@evil.com/owa/&Email=autodiscover/autodiscover.json%3f@evil.com&Protocol=XYZ&FooProtocol=Powershell
HTTP Method : GET
User-Agent : Mozilla/5.0 zgrab/0.x
Action : Blocked …
blue team cve-2022-41082 cybersecurity incident response letsdefendio
More from systemweakness.com / System Weakness - Medium
Spring Boot Integration Shiro Quick Start Demo
1 day, 12 hours ago |
systemweakness.com
A Deep Dive into Network Security Threats
1 day, 12 hours ago |
systemweakness.com
Defensive Security: Installing PHPIDS on LAMP Servers
1 day, 12 hours ago |
systemweakness.com
TryHackMe Network Services Writeup
1 day, 12 hours ago |
systemweakness.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Consultant Sécurité SI Gouvernance - Risques - Conformité H/F - Strasbourg
@ Hifield | Strasbourg, France
Lead Security Specialist
@ KBR, Inc. | USA, Dallas, 8121 Lemmon Ave, Suite 550, Texas
Consultant SOC / CERT H/F
@ Hifield | Sèvres, France