Follow on X RSS Feed
Cybersec Sentinel
  • Home
  • News
  • Malware
  • Ransomware
  • Vulnerabilities
  • Articles
  • About
  • FAQ

IIS backdoor

A collection of 1 post
NET-STAR Backdoor Exploits IIS Modules for Persistent Access
IIS backdoor

NET-STAR Backdoor Exploits IIS Modules for Persistent Access

Threat Group – Phantom Taurus (China-linked APT) Threat Type – In-process web server backdoor for IIS (.NET managed and native module tradecraft) Exploited Vulnerabilities – ViewState abuse via compromised ASP.NET machineKey, insecure file write to application bin directory, misconfigured IIS extensibility, weak CI/CD controls, stolen deployment credentials (no CVEs assigned at
Oct 1, 2025 7 min read
Page 1 of 1
Cybersec Sentinel © 2025
  • Privacy Policy
Powered by Ghost