Symantec researchers have discovered a novel technique of reading commands from IIS logs to install backdoors and other tools in a stealthy campaign against large companies and high-profile technology firms in the US.
ADVERSARY: UNC3524
MALWARE FAMILY: ReGeorg
ATT&CK IDS: T1566 - Phishing, T1102 - Web Service, T1562 - Impair Defenses, T1572 - Protocol Tunneling