An attacker exploited a vulnerability in the batchupload.aspx and email_settings.aspx pages on the target server that allowed them to upload a malicious web shell to the IIS worker process...
Researchers from Kaspersky seek out more IIS backdoors after the discovery of ‘Owowa’, a malicious IIS module deployed by attackers on Microsoft Exchange Outlook...