Continuing the theme from my previous column on the relative security of Internet Information Service (IIS) vs. Apache, I’ve come across more studies to support my initial conclusion. Since a single ...

I will be having the IIS servers I manage audited by a computer security company next week. The servers are very secure and I put a lot of time into keeping them that way. In anticipation of next week ...

The Cranefly hacking group, aka UNC3524, uses a previously unseen technique of controlling malware on infected devices via Microsoft Internet Information Services (IIS) web server logs. Microsoft ...

Microsoft Corp. is urging users of its Internet Information Server (IIS) software to install another patch, this time to plug three newly discovered security holes and correct errors made in a trio of ...

Can someone give me/point me to some good information on how the security in IIS functions? I'm looking to work out when/where IUSR_SERVERNAME account is used, when a sep. indiviual user's account is ...

In a Tuesday blog item, Google posted results of an internal study that examines the types of Web servers that are most commonly being used to host malware and dish up browser exploits and drive-by ...

The North Korean state-backed threat actor Lazarus Group has reinvented its ongoing espionage campaign by exploiting known vulnerabilities in unpatched Windows IIS Web servers to deploy its ...

Threat actors are installing a malicious IIS web server module named 'Owowa' on Microsoft Exchange Outlook Web Access servers to steal credentials and execute commands on the server remotely. The ...