National Cyber Warfare Foundation (NCWF)

In-Memory IIS Attacks via View State Deserialization (Campaign)
0 user ratings		2026-01-16 10:45:50
milo
Attacks
Unit 42 researchers uncovered a campaign by a threat actor they call TGR-CRI-0045—assessed with medium confidence to be part of the Gold Melody (UNC961/Prophet Spider) group—targeting ASP.NET IIS servers using compromised Machine Keys. This group, acting as an Initial Access B...

Unit 42 researchers uncovered a campaign by a threat actor they call TGR-CRI-0045—assessed with medium confidence to be part of the Gold Melody (UNC961/Prophet Spider) group—targeting ASP.NET IIS servers using compromised Machine Keys. This group, acting as an Initial Access B...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/in-memory-iis-attacks-via-view-state-deserialization

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Attacks


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.