all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Question about URLscan.io results and geolocale

Add to bookmarks
Jan. 4, 2023, 1:41 p.m. | /u/pseudo_su3

cybersecurity www.reddit.com

I’m chasing something down at my org. We had a user who is a sales person (so not inside our org) and their account was compromised.

These sales employees logon to a vpn into a sales platform that sits in the dmz.

Reviewing the logs, I see a favicon.ico. I download it. It’s got a script in it, that appears to take the session/cookie from the referrer and pass it to the sales site. This “cookie” is set to expire …

account compromised cookie cybersecurity dmz down download employees favicon ico logon logs org platform question referrer results sales script session urlscan urlscan.io vpn

Visit resource

More from www.reddit.com / cybersecurity

Tryhack me and HTB 5 hours ago | www.reddit.com
advice cybersec cybersecurity experience +8
CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation 5 hours ago | www.reddit.com
cisa cybersecurity exploitation flaw +7
Millions of Docker repos found pushing malware,phishing sites 6 hours ago | www.reddit.com
cybersecurity
Info Stealers Strike Again 7 hours ago | www.reddit.com
cybersecurity
NCSC Guidance - Business email compromise: defending your organisation 9 hours ago | www.reddit.com
attacks budget business business email compromise +14
Federal Hiring Practices Revisited for Cyber Professionals? 10 hours ago | www.reddit.com
article cybersecurity experience hiring +5
CySA+ difficulty 10 hours ago | www.reddit.com
aim clear cybersecurity cysa +7
GeekWire: Generative AI is a dual concern for cybersecurity industry — and will drive increased … 12 hours ago | www.reddit.com
cybersecurity cybersecurity industry demand drive +4
Forbes Council Post: The Danger Of Zombie Leaks 12 hours ago | www.reddit.com
council cybersecurity forbes leaks +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cloud Security Engineer

@ Gainwell Technologies | Any city, OR, US, 99999
View on infosec-jobs.com

Federal Workday Security Lead

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Workplace Consultant

@ Solvinity | Den Bosch, Noord-Brabant, Nederland
View on infosec-jobs.com

SrMgr-Global Information Security - Security Risk Management

@ Marriott International | Bethesda, MD, United States
View on infosec-jobs.com

Sr. Security Engineer - Data Loss Prevention

@ Verisk | Jersey City, NJ, United States
View on infosec-jobs.com
View more jobs