New: Threat Exposure Validation Impact Report 2025
Learn More
Join our Summer Webinar Series on Threat Exposure Validation
Register Now
Come meet us at Black Hat USA 2025 | Booth 1640
Book a Meeting
Book a Demo
Book a Demo

The SessionManager IIS backdoor

July 5, 2022

SessionManager has been used against NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East, starting from at least March 2021. Because of the similar victims, and use of a common OwlProxy variant, ESET believe the malicious IIS module may have been leveraged by the GELSEMIUM threat actor, as part of espionage operations.

Featured Resources

cymulate blog article
blog

How to Stay Ahead of IoT Security Issues 

From connected medical equipment in smart hospitals to telemetry sensors in industrial plants, Internet of Things (IoT) devices are now

Read More
image
blog

10 Types of Network Attacks: Common Threats and How to Prevent Them 

Network attacks have evolved far beyond simple brute-force intrusions or spam. Threat actors now employ complex, multi-vector tactics that can

Read More
image
Two Pager

Proactive, AI-Powered SIEM Rule Validation and Detection Engineering

Save time and resources by automating the most critical tasks in modern SecOps

Read More