Microsoft Threat Intelligence in December observed a “threat actor” using a publicly available ASP.NET machine key to inject malicious code and fetch the Godzilla post-exploitation framework, a “backdoor” web shell used by intruders to execute commands and manipulate files. The company then identified more than 3,000 publicly disclosed ASP.NET machine keys—i.e., keys that were disclosed in code…
IT & Security News for Geeks