all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SOC175 EventID:125 — PowerShell Found in Requested URL — Possible CVE-2022–41082 Exploitation —…

Add to bookmarks
July 28, 2023, 6:41 p.m. | Enes Adışen

System Weakness - Medium systemweakness.com

SOC175 EventID:125 — PowerShell Found in Requested URL — Possible CVE-2022–41082 Exploitation — letsdefend.io

Before starting, you can see the data provided by the report alert below.

EventID                :125
Event Time             :Sep, 30, 2022, 07:19 AM
Rule                   :SOC175 - PowerShell Found in Requested URL - Possible CVE-2022-41082 Exploitation
Level                  :Security Analyst
Hostname               :Exchange Server 2
Destination IP Address :172.16.20.8
Log Source             :IIS
Source IP Address      :58.237.200.6
Request URL            :/@evil.com">autodiscover/autodiscover.json?@evil.com/owa/&Email=autodiscover/autodiscover.json%3f@evil.com&Protocol=XYZ&FooProtocol=Powershell
HTTP Method            :GET
User-Agent             :Mozilla/5.0 zgrab/0.x
Action                 :Blocked
Alert Trigger Reason …

alert blue team cve cve-2022-41082 data exchange exploitation letsdefendio powershell report security soc url

Visit resource

More from systemweakness.com / System Weakness - Medium

IDOR Attacks Demystified: How They Work and How to Prevent Them 3 hours ago | systemweakness.com
attacks business compromise confidentiality +13
How does Single Sign-on (SSO) interact with Active Directory (AD) and Outlook? 3 hours ago | systemweakness.com
access active directory applications authentication +15
OSI Model & TCP/IP Comparison 3 hours ago | systemweakness.com
access communication deals frameworks +14
First AD home lab 1 day ago | systemweakness.com
access active directory building can +17
3 Steps to protect yourself from Prompt Injection 1 day ago | systemweakness.com
prompt-engineering prompt injection security
Clocky | TryHackMe Write-up 1 day, 22 hours ago | systemweakness.com
ctf ctf-writeup tryhackme tryhackme-walkthrough +1
Bypassing Aquatone’s lack of ability to take screenshots of private websites 1 day, 22 hours ago | systemweakness.com
automation cybersecurity hacking pentesting +1
Tuesday Morning Threat Report: Apr 30, 2024 1 day, 22 hours ago | systemweakness.com
analysis artificial intelligence bad customers +21
Staying Anonymous — Ethical Hacking as a Beginner [09] 1 day, 22 hours ago | systemweakness.com
anonymous beginner communication cybersecurity +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Offensive Security Engineer

@ Ivanti | United States, Remote
View on infosec-jobs.com

Senior Security Engineer I

@ Samsara | Remote - US
View on infosec-jobs.com

Senior Principal Information System Security Engineer

@ Chameleon Consulting Group | Herndon, VA
View on infosec-jobs.com

Junior Detections Engineer

@ Kandji | San Francisco
View on infosec-jobs.com

Data Security Engineer/ Architect - Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com
View more jobs