News

Computerworld

Opinion: Web server security: Is IIS or Apache more secure

Continuing the theme from my previous column on the relative security of Internet Information Services (IIS) vs. Apache, I’ve come across more studies to support my initial conclusion. If you remember ...
techtimes

Microsoft's Latest Research Shows How Hackers Use Malicious IIS Extensions as Backdoor to Servers

Hackers are now reportedly using Internet Information Services or IIS extensions as backdoors to getting into servers as it helps them hide deep in the environments they want to target and gives a ...
Ars Technica

(WCF) Using net.pipe from Web application under IIS 6.0

Hi all.<BR><BR>I thought consuming a WCF service (named pipe) hosted in a Windows service on the Web server (2k3) would be a good idea. It worked well enough when debugging in VS2008, but there my ...
Ars Technica

How do you use Local IIS 7 for ASP.NET Web Application Development?

Okay, so I’m new to IIS 7. I just installed Win 7 (upgrade from XP) and of course now presented with a new version of IIS. It seems there are a variety of ways to go about developing ASP.NET Web ...
Bleeping Computer

Hackers steal Microsoft Exchange credentials using IIS module

Threat actors are installing a malicious IIS web server module named 'Owowa' on Microsoft Exchange Outlook Web Access servers to steal credentials and execute commands on the server remotely. The ...
The Hacker News

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module

GhostRedirector compromised 65 Windows servers since Aug 2024 using Rungan and Gamshen malware, driving SEO fraud.
ZDNet

Microsoft warns of stealthy backdoors used to target Exchange Servers

There's been an uptick in malware native to Microsoft's Internet Information Services (IIS) web server that is being used to install backdoors or steal credentials and is hard to detect, warns ...
Computerworld

Microsoft warns of Windows 2000 flaw, IIS exploit

Microsoft Corp. said today that it has discovered a critical security vulnerability in a component of its Windows 2000 operating system that could enable a remote attacker to gain total control of a ...
ReadWrite

Pro Chinese cybercrime group manipulates SEO to boost gambling websites

ESET researchers have uncovered a professional Chinese cybercrime group that's manipulating SEO to boost traffic to gambling ...
Bleeping Computer

Microsoft: Windows 'inetpub' folder created by security fix, don’t delete

Microsoft has now confirmed that an April 2025 Windows security update is creating a new empty "inetpub" folder and warned users not to delete it. This folder is typically used by Microsoft's Internet ...
InfoWorld

Continuing the Web Server Security Wars: Is IIS or Apache More Secure?

Continuing the theme from my previous column on the relative security of Internet Information Service (IIS) vs. Apache, I’ve come across more studies to support my initial conclusion. Since a single ...