Threats Tagged 'iis exploitation'
View all threats tagged with 'iis exploitation'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'iis exploitation'
Click on any threat for detailed analysis and mitigation recommendations
Threat Actors Achieve Persistence After SQL Injection 0 Threat actors exploited a SQL injection vulnerability in a technology sector organization's web application to gain initial access. They compromised an MSSQL instance via inadequate input validation and used base64-encoded PowerShell scripts for reconnaissance and data exfiltration. Persistence was established by enabling Remote Desktop Services, creating an admin-level user account, and disabling Windows Defender. The attackers installed BadIIS modules for SEO fraud and deployed the XMRig cryptocurrency miner with hidden file attributes. Multiple PowerShell scripts and batch files were used throughout the attack to maintain access and facilitate malicious operations. Join the discussion | AlienVault OTX General | 07/13/2026, 17:23:51 UTC Added: 07/13/2026, 21:02:35 UTC |
Showing 1 to 1 of 1 result