Home > Security Alerts > UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIIS

UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIIS

February 2, 2026 Monday

Unpatched IIS servers are injected malicious web shells, executed PowerShell scripts, and deployed the BadIIS malware, including hardcoded regional configurations tailored to specific countries.

Latest News

Update on Staff UID Change Policy

Facial Identity (Face ID) Access for HKU Main Library and Chi Wah Learning Commons

Microsoft M365 new storage policies for HKU departments

Your opinion matters, share your thoughts by completing the survey about HKU communication channels

Campus Network Segmentation and Campus Wide Remote Access Policy

Popular Services:

uPrint
Study Rooms in Learning Commons
Software Download
Application
HKU Virtual Private Network (HKUVPN)

UAT-8099 Targets Vulnerable IIS Servers Using Web Shells, PowerShell, and Region-Customized BadIIS

About ITS

Alerts

Service Request & Support