The Cranefly hacking group, aka UNC3524, uses a previously unseen technique of controlling malware on infected devices via Microsoft Internet Information Services (IIS) web server logs.

Threat actors are installing a backdoor into installations of Microsoft's Internet Information Services (IIS) Windows web server that isn't being caught by some online file scanning services, say ...

Microsoft’s Internet Information Services is one of the oldest web server platforms around. Originally launched in 1995, it’s been regularly updated alongside Windows Server.

I run both IIS and Apache Web servers in my honeynet. The Apache Web server gets attacked significantly more than the IIS server does. Also, most reported hacks are against Apache Web servers.

Microsoft previously saw custom IIS backdoors installed after threat actors exploited ZOHO ManageEngine ADSelfService Plus and SolarWinds Orion vulnerabilities.

A proof-of-concept exploit has been published for a zero-day vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported.

The next line in the Dockerfile, which starts with RUN, is telling Docker to run some PowerShell commands that turn on the Web-Server Windows feature and download ServiceMonitor.exe, which IIS ...

I believe the general rule of thumb for best setup is:<BR>RAID1 OS<BR>RAID1 wwwroot<BR>RAID1 Logs<BR><BR>under the theory that webservers just read lots of data and don't write much (which is why ...

I run both IIS and Apache Web servers in my honeynet. The Apache Web server gets attacked significantly more than the IIS server does. Also, most reported hacks are against Apache Web servers.