New: 2026 Gartner® Market Guide for Adversarial Exposure Validation
Learn More
Cymulate named a Customers' Choice in 2025 Gartner® Peer Insights™
Learn More
New Research: The Security Tradeoffs Behind AI Tooling
Learn More
An Inside Look at the Technology Behind Cymulate
Learn More
Book a Demo
Book a Demo

The SessionManager IIS backdoor

July 5, 2022

SessionManager has been used against NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East, starting from at least March 2021. Because of the similar victims, and use of a common OwlProxy variant, ESET believe the malicious IIS module may have been leveraged by the GELSEMIUM threat actor, as part of espionage operations.

Featured Resources

View More Resources
image
Demo

Auto Mitigation Demo

Cymulate Auto Mitigation closes the risk-to-fix gap by automatically deploying targeted control updates when exposures are discovered. It then re-validates

Learn More
image
blog

How to Automate Security Mitigation with a Closed-Loop Workflow 

Automate remediation with vendor-specific security updates that reduce exposure, improve resilience, and save time.

Read More
image
blog

Mitigation Hub Turns Findings into Fixes

Shiraz Arush Brinder, Senior Product ManagerAvigayil Stein, Senior Product Marketing Manager Security teams don’t need more dashboards or disconnected findings. They need a faster

Read More