Praying Mantis is now Preying on Microsoft’s IIS Servers
Sygnia researchers reported a new APT group—Praying Mantis or TG1021—targeting Microsoft IIS web servers to reach victims’ internal networks to steal sensitive data. To stay protected, researchers recommend patching .NET deserialization vulnerabilities and scanning internet-facing IIS servers with YARA rules for detecting the group’s malicious activity.