Microsoft Exchange ProxyNotShell Exploit Traffic

Rule Info

Id
6ee5187f-4e7d-406d-8338-01b2cd0385e6
Author
pH-T
Name
Microsoft Exchange ProxyNotShell Exploit Traffic
Tags
attack.execution
Date
2022-11-21 00:00:00
Modified
None
Description
Detects Microsoft Exchange exploit traffic for CVE-2022-41040 and CVE-2022-41082 (A.K.A ProxyNotShell)
Type
Nextron Sigma feed only (private)

Rule History