CVE-2019-18935 – Using Powershell to review IIS and Windows Logs (Searching for IoC)


This article is more of a cyber-security article than a software development one, given its content and some of the vocabulary used, but don't be scared. I wanted to keep it very practical and give you a simple example of the type of tools anyone can build or use in scenarios such as cyber-security and incident response.

Removing a phishing email from all Exchange 2016 mailboxes with PowerShell

It doesn't matter how good the security and design of your environment are, with complex spam filters, gateways and appliances… sooner or later you'll need to remove some sort of unwanted communication from one or more mailboxes on your Exchange Server.

In a very common incident response scenario like this, PowerShell is a very useful tool. This time the cmdlet used is New-ComplianceSearch, which is available on-premises and on cloud services for Exchange Server 2016.
