Ars Technica

ASP.NET application deployment thoughts

I've been tasked with developing a "unified theory of ASP.NET application deployment" for our department. We don't have many apps, but each app seems to be written differently and has a different ...
CSOonline

APT group hits IIS web servers with deserialization flaws and memory-resident malware

A sophisticated, likely government-sponsored threat actor has been compromising major public and private organizations over the past year by exploiting deserialization flaws in public-facing ASP.NET ...