MALWARE-OTHER --
MALWARE-OTHER Win.Exploit.CVE_2023_28310 download attempt
This rule looks for serialized data containing the type "System.Windows.Markup.XamlReader[][]" and malicious XAML that runs a command.
This rule alerts on an attempt to download a PowerShell script that exploits a remote-code execution vulnerability in Microsoft Exchange Server.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
None
No information provided
None