VeeamON 2021: Free Online Conference - Register Now VeeamON 2021: Free Online Conference - Register Now

Executable file posting from external source By SIEM

Home Forums Messaging Software Exchange 2019 Executable file posting from external source By SIEM

Viewing 1 post (of 1 total)
  • Author
    Posts
  • Avatar
    isynergy
    Participant
    #657005

    We facing strange behaviour that we received the below URI Stem (/ews/First.Surname..Domain.com/exchange.asmx/WSSecurity) with HTTP status 200 (The request has succeeded) and the source is from IP 52.96.18.205 (MICROSOFT-CORP-MSN-AS-BLOCK)

    The Current Installed Version is Exchange Server 2019 CU8 with Security Patch KB5001779

    I found the below URL
    https://docs.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges

    Please advise about this behaviour

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Free Online Conference - May 25th and 26th

VeeamON 2021: Free Online Conference

Join us to gain your professional edge with technical and visionary learning from the brightest minds in IT at the definitive conference for Modern Data Protection.

Register Now

Sponsored By