A suspected China-linked espionage cluster dubbed OP-512 was identified after many low-fidelity events were rapidly correlated into a single high-priority incident that human analysts then validated. OP-512 compromised an Internet Information Services (IIS) server and deployed a custom web shell framework built to evade signature-based detection. Each web shell instance is cryptographically unique, restricts access with layered encryption, […]
The post China-Linked OP-512 Targets IIS Servers With Unique Web Shell Framework appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.