APT group hits IIS web servers with deserialization flaws and memory-resident malware _csoonline.com
| posted by rouiejay12 in : attacks | No comments |

A sophisticated, likely government-sponsored threat actor has been compromising major public and private organizations over the past year by exploiting deserialization flaws in public-facing ASP.NET applications to deploy fileless malware. Dubbed Praying Mantis, or TG1021, by researchers from incident response firm Sygnia, the hacker group puts a strong focus on detection evasion by using a volatile and custom malware toolset built specifically for Internet Information Services (IIS) web servers to perform credential harvesting, reconnaissance and lateral movement.


You must log in or register to comment.

There's nothing here…