{"uuid": "39dc250d-a7d8-4326-8211-190a3be063dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-47966", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7585", "content": "#Blue_Team_Techniques\n1. YARA/Sigma rule to detect the exploitation of ManageEngine ServiceDesk CVE-2022-47966\nhttps://github.com/Neo23x0/signature-base/blob/master/yara/expl_manageengine_jan23.yar\nhttps://github.com/SigmaHQ/sigma/pull/3935/files\n2. Investigate malicious Windows logon by visualizing and analyzing Windows event log\nhttps://github.com/JPCERTCC/LogonTracer", "creation_timestamp": "2023-01-20T11:00:21.000000Z"}