Dissecting UAT-8099: New persistence mechanisms and regional focus (opens in new tab)

Cisco Talos has identified a new, regionally targeted campaign by UAT-8099 that leverages advanced persistence techniques and custom BadIIS malware variants to compromise IIS servers, particularly in Thailand and Vietnam.