Researchers have identified a series of sophisticated attacks by the notorious Lazarus group targeting South Korean web servers. The threat actors have been breaching IIS servers to deploy ASP-based web shells, which are subsequently used as first-stage Command and Control (C2) servers that proxy communications to second-stage C2 infrastructure. These attacks, identified in January 2025, […]
The post Lazarus Hackers Exploiting IIS Servers to Deploy ASP-based Web Shells appeared first on Cyber Security News.
This article has been indexed from Cyber Security News