Press play for the first episode as host Aryeh Goretsky is joined by Zuzana Hromcová to discuss native IIS malware
Did you ever wonder why researchers behind a cybersecurity discovery chose to go down that particular rabbit hole? What made them curious about that specific malware family, variant, or campaign? Did they come up with a specific name for that malware in the bathtub, on a run, or just used the first thing in the code that hit them?
From now on, we will offer answers to those and many other questions in our brand new ESET Research podcast – because there’s always more to ESET research stories than what made it into the paper or blogpost.
So be it the broader context of an attack, some obscure artifact found during analysis, or an inkling that lit a spark and led to a deeper dig in the malware, our host and ESET Distinguished Researcher Aryeh Goretsky will mine for it in his interviews with ESET researchers.
There will be a new episode every time we publish major research, which usually happens several times a year.
Our first episode focuses on native IIS (Internet Information Services) malware – a threat that has been lurking in the shadows of public-facing servers since 2013, yet is almost invisible to their admins as well as other defenders. Listen to the fascinating journey of ESET malware researcher Zuzana Hromcová, who co-authored a comprehensive guide describing 14 IIS malware families found in the wild, used by both crimeware and APT threat actors.
If you’d like to hear more, subscribe to ESET Research podcast on any of the popular podcast applications including Spotify, Google Podcasts, Apple Podcasts and PodBean.

source