IIS


Threatpost News Wrap, March 31, 2017

This year’s Security Analyst Summit is previewed and the news of the week is discussed, including a Microsoft IIS zero day, a new Mirai variant, and the broadband privacy ruling.


New evidence suggests that a Web site hosting software updates for life saving medical equipment was the victim of a massive SQL injection attack and may have been redirecting visitors to a site serving up attacks and malicious software for months before the company became aware of the compromise.

There’s a large-scale attack underway that is targeting Web servers running Microsoft’s IIS software, injecting the sites with a specific malicious script. The attack has compromised tens of thousands of sites already, experts say, and there’s no clear indication of who’s behind the campaign right now.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.