all InfoSec news
SOC175 — PowerShell Found in Requested URL — Possible CVE-2022–41082 Exploitation
Jan. 13, 2024, 3:59 p.m. | Elnur Badalov
System Weakness - Medium systemweakness.com
SOC175 — PowerShell Found in Requested URL — Possible CVE-2022–41082 Exploitation
Event ID: 125
Platform: LetsDefend
Alert
EventID : 125
Event Time : Sep, 30, 2022, 07:19 AM
Rule : SOC175 - PowerShell Found in Requested URL - Possible CVE-2022-41082 Exploitation
Level : Security Analyst
Hostname : Exchange Server 2
Destination IP Address : 172.16.20.8
Log Source : IIS
Source IP Address : 58.237.200.6
Request URL : /@evil.com">autodiscover/autodiscover.json?@evil.com/owa/&Email=autodiscover/autodiscover.json%3f@evil.com&Protocol=XYZ&FooProtocol=Powershell
HTTP Method : GET
User-Agent : Mozilla/5.0 zgrab/0.x
Action : Blocked …
blue team cve-2022-41082 cybersecurity incident response letsdefendio
More from systemweakness.com / System Weakness - Medium
Clocky | TryHackMe Write-up
2 days, 3 hours ago |
systemweakness.com
Tuesday Morning Threat Report: Apr 30, 2024
2 days, 3 hours ago |
systemweakness.com
Jobs in InfoSec / Cybersecurity
Financial Crimes Compliance - Senior - Consulting - Location Open
@ EY | New York City, US, 10001-8604
Software Engineer - Cloud Security
@ Neo4j | Malmö
Security Consultant
@ LRQA | Singapore, Singapore, SG, 119963
Identity Governance Consultant
@ Allianz | Sydney, NSW, AU, 2000
Educator, Cybersecurity
@ Brain Station | Toronto
Principal Security Engineer
@ Hippocratic AI | Palo Alto