Bleeping Computer

Hackers use Microsoft IIS web server logs to control malware

The Cranefly hacking group, aka UNC3524, uses a previously unseen technique of controlling malware on infected devices via Microsoft Internet Information Services (IIS) web server logs. Microsoft ...
Ars Technica

IIS Log File Analysis Tools

This is sort of a follow up to my older SPS2003 usage monitoring thread. I went to town with that, but now I need a solution for our SPS2001 farm. The only way to really get any useful information ...
Ars Technica

Logparser, SSRS, and IIS W3C format

Can't you just use -i and specify a checkpoint file with Logparser to do what you want (incremental updating)? I seem to recall reading it works on IIS log files (I use it all the time for creating NT ...
WeLiveSecurity

IISpy: A complex server-side backdoor with anti-forensic features

ESET researchers have discovered and analyzed a previously undocumented backdoor, implemented as an extension for Internet Information Services (IIS), Microsoft’s web server software. The backdoor, ...
Dark Reading

Cranefly Cyberspy Group Spawns Unique ISS Technique

Hacking group Cranefly is using the new technique of using Internet Information Services (IIS) commands to deliver backdoors to targets and carry out intelligence-gathering campaigns. Researchers at ...