Microsoft warns of stealthy backdoors used to target Exchange Servers, email

27 July 2022

There’s been an uptick in malware native to Microsoft’s Internet Information Services (IIS) web server that is being used to install backdoors or steal credentials and is hard to detect, warns Microsoft. Microsoft has offered insights into how to spot and remove malicious IIS extensions, which aren’t as popular as web shells as a payload for Exchange servers, but are useful to an attacker as they “mostly reside in the same directories as legitimate modules used by target applications, and they follow the same code structure as clean modules,”

Read full article on ZDNet

Date:

27 July 2022

Categorie(s):

NEWS

Tag(s):

Exchanges, IT, Microsoft, News, Servers

Win 95, LastPass, Kubernetes, Sandworm, Bloomtech, Frontier, 911, Aaran Leyland… – SWN #37919 April 2024
5.3M World-Check records may be leaked; how to check your records19 April 2024
Sacramento airport goes no-fly after AT&T internet cable snipped19 April 2024
Active adversary report: Ransomware hit a ceiling, but security teams at risk for more pain19 April 2024
Akira takes in $42 million in ransom payments, now targets Linux servers19 April 2024