image credit: pixabay
Cybersecurity researchers from Kaspersky recently discovered a brand new IIS module, designed to steal credentials that victims type in when logging into their Outlook Web Access (OWA) accounts.
They dubbed the new module backdoor SessionManager, and claim it’s persistent, resistant to updates and stealthy. By leveraging SessionManager, Kaspersky further claims, threat actors can get access to company emails, can drop other malicious payloads (such as ransomware, for example) onto the target network, and manage compromised servers in utter secrecy.
Comments are closed.
