notePublished by Scott Kingery on May 30, 2023, 4:32 PM Lazarus hackers target Windows IIS web servers for initial access https://www.bleepingcomputer.com/news/security/lazarus-hackers-target-windows-iis-web-servers-for-initial-access/'Lazarus first gains access to IIS servers using known vulnerabilities or misconfigurations that allow the threat actors to create files on the IIS server using the w3wp.exe process.' #infosec