The Cranefly hacking group, aka UNC3524, uses a previously unseen technique of controlling malware on infected devices via Microsoft Internet Information Services (IIS) web server logs.

Microsoft on Tuesday confirmed that it is examining a critical vulnerability in older editions of Internet Information Services (IIS) server, a day after a hacker posted exploit code online.

I run both IIS and Apache Web servers in my honeynet. The Apache Web server gets attacked significantly more than the IIS server does. Also, most reported hacks are against Apache Web servers.

Threat actors are installing a backdoor into installations of Microsoft's Internet Information Services (IIS) Windows web server that isn't being caught by some online file scanning services, say ...

Hosting providers and IT professionals have been warned of a threat posed to Microsoft IIS Web servers through exploitation of vulnerabilities in Microsoft operating systems.

Microsoft is warning Outlook on the Web and Exchange Server customers to watch out for more malicious IIS extensions.