Introducing Cymulate Vero AI for Agentic Cyber Defense Engineering
Learn More
New: 2026 Gartner® Market Guide for Adversarial Exposure Validation
Learn More
New Research: Exploiting Configuration Trust in AI Coding Tools
Learn More
New Case Study: How a Financial Authority Validates Cyber Resilience
Learn More
Book a Demo
Book a Demo

The SessionManager IIS backdoor

July 5, 2022

SessionManager has been used against NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East, starting from at least March 2021. Because of the similar victims, and use of a common OwlProxy variant, ESET believe the malicious IIS module may have been leveraged by the GELSEMIUM threat actor, as part of espionage operations.

Featured Resources

View More Resources
image
blog

How to Prioritize Vulnerabilities in 2026: From CVSS to Real Risk 

Security teams have more vulnerability data than ever. Scanners find exposures across endpoints, cloud assets, applications, identities and third-party tools. The problem is no

Read More
image
CUSTOMERS

Financial Regulatory Authority Strengthens Security and Gains Continuous Visibility with Cymulate

Limited Visibility and Reliance on Point-in-Time Testing With a lean team of five responsible for securing a complex internal environment,

Read Case Study
image
blog

CVE-2026-35603: One Writable Folder, Every User Compromised: Exploiting Configuration Trust in AI Coding Tools

Ilan Kalendarov, Security Research Team LeadBen Zamir, Security ResearcherElad Beber, Security Researcher The AI coding tools that millions of developers launch every

Read More