all InfoSec news
SOC168 EventID:118 — Whoami Command Detected in Request Body — letsdefend.io
Aug. 25, 2023, 3:46 p.m. | zapbroob
System Weakness - Medium systemweakness.com
SOC168 EventID:118 — Whoami Command Detected in Request Body — letsdefend.io
Let’s take a look at the alert report below.
EventID :118
Event Time :Feb, 28, 2022, 04:12 AM
Rule :SOC168 - Whoami Command Detected in Request Body
Level :Security Analyst
Hostname :WebServer1004
Destination IP Address :172.16.17.16
Source IP Address :61.177.172.87
HTTP Request Method :POST
Requested URL :https://172.16.17.16/video/
User-Agent :Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Alert Trigger Reason :Request Body Contains whoami string
Device Action :Allowed
The reason …
More from systemweakness.com / System Weakness - Medium
A Simple Git Misstep That Could Open Doors for Hackers
1 day, 16 hours ago |
systemweakness.com
Exploring JWT Exploitation Methods
1 day, 16 hours ago |
systemweakness.com
How to Streamline Zombie Account Management?
2 days, 20 hours ago |
systemweakness.com
Jobs in InfoSec / Cybersecurity
Principal Security Research Manager
@ Microsoft | Redmond, Washington, United States
SOC Manager
@ Inbox Business Technologies | Islamabad, Islamabad Capital Territory, Pakistan
Cybersecurity Incident Response Program Manager (Hybrid)
@ UMB Bank | MO - Kansas City - 1010 Grand Blvd
Consultant, Cyber Risk Advisory | Remote US
@ Coalfire | United States
Cybersecurity Bid Manager
@ Alstom | Derby, GB
Cyberspace Analyst
@ Peraton | Fort Meade, MD, United States