HOW TO PREVENT ADVANCED MEMORY RESIDENT ATTACKS BY PRAYING MANTIS ON MOCROSOFT IIS SERVERS?
Israeli cybersecurity firm Sygnia reported a new highly capable and persistent threat actor doubled “Praying Mantis” or “TG2021” launched advanced memory-resident attacks on Microsoft IIS servers of major high-profile public and private entities in the US. Let’s see who is behind the attacks, on whom the attacks were launched, and at last, how to prevent Advanced Memory Resident Attacks.
* Victims Of Advanced Memory Resident Attacks:
* Who Is behind Advanced Memory Resident Attacks?
* Vulnerabilities Used Targeting IIS Servers:
* #1. Checkbox Survey RCE Exploit (CVE-2021-27852)
* #2. VIEWSTATE Deserialization Exploit:
* #3. Altserialization Insecure Deserialization:
* #4. Telerik-UI Exploit (CVE-2019-18935, CVE-2017-11317):
* How To Prevent Advanced Memory Resident Attacks By Praying Mantis?
Table of Contents :
Vulnerabilities Used Targeting IIS Servers: