CSOonline

APT group hits IIS web servers with deserialization flaws and memory-resident malware

A sophisticated, likely government-sponsored threat actor has been compromising major public and private organizations over the past year by exploiting deserialization flaws in public-facing ASP.NET ...
CSOonline

Wave of native IIS malware hits Windows servers

Security researchers warn that multiple groups are compromising Windows web servers and are deploying malware programs that are designed to function as extensions for Internet Information Services ...