all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SOC175 — PowerShell Found in Requested URL — Possible CVE-2022–41082 Exploitation

Add to bookmarks
Jan. 13, 2024, 3:59 p.m. | Elnur Badalov

System Weakness - Medium systemweakness.com

SOC175 — PowerShell Found in Requested URL — Possible CVE-2022–41082 Exploitation

Event ID: 125
Platform: LetsDefend

Cover

Alert

EventID : 125
Event Time : Sep, 30, 2022, 07:19 AM
Rule : SOC175 - PowerShell Found in Requested URL - Possible CVE-2022-41082 Exploitation
Level : Security Analyst
Hostname : Exchange Server 2
Destination IP Address : 172.16.20.8
Log Source : IIS
Source IP Address : 58.237.200.6
Request URL : /@evil.com">autodiscover/autodiscover.json?@evil.com/owa/&Email=autodiscover/autodiscover.json%3f@evil.com&Protocol=XYZ&FooProtocol=Powershell
HTTP Method : GET
User-Agent : Mozilla/5.0 zgrab/0.x
Action : Blocked …

blue team cve-2022-41082 cybersecurity incident response letsdefendio

Visit resource

More from systemweakness.com / System Weakness - Medium

IDOR Attacks Demystified: How They Work and How to Prevent Them 8 hours ago | systemweakness.com
attacks business compromise confidentiality +13
How does Single Sign-on (SSO) interact with Active Directory (AD) and Outlook? 8 hours ago | systemweakness.com
access active directory applications authentication +15
OSI Model & TCP/IP Comparison 8 hours ago | systemweakness.com
access communication deals frameworks +14
First AD home lab 1 day, 4 hours ago | systemweakness.com
access active directory building can +17
3 Steps to protect yourself from Prompt Injection 1 day, 4 hours ago | systemweakness.com
prompt-engineering prompt injection security
Clocky | TryHackMe Write-up 2 days, 3 hours ago | systemweakness.com
ctf ctf-writeup tryhackme tryhackme-walkthrough +1
Bypassing Aquatone’s lack of ability to take screenshots of private websites 2 days, 3 hours ago | systemweakness.com
automation cybersecurity hacking pentesting +1
Tuesday Morning Threat Report: Apr 30, 2024 2 days, 3 hours ago | systemweakness.com
analysis artificial intelligence bad customers +21
Staying Anonymous — Ethical Hacking as a Beginner [09] 2 days, 3 hours ago | systemweakness.com
anonymous beginner communication cybersecurity +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Financial Crimes Compliance - Senior - Consulting - Location Open

@ EY | New York City, US, 10001-8604
View on infosec-jobs.com

Software Engineer - Cloud Security

@ Neo4j | Malmö
View on infosec-jobs.com

Security Consultant

@ LRQA | Singapore, Singapore, SG, 119963
View on infosec-jobs.com

Identity Governance Consultant

@ Allianz | Sydney, NSW, AU, 2000
View on infosec-jobs.com

Educator, Cybersecurity

@ Brain Station | Toronto
View on infosec-jobs.com

Principal Security Engineer

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com
View more jobs