All posts in IIS

How malicious IIS extension is becoming popular among cyber-criminals for persistent access

Microsoft says many threat actors are now abusing IIS (Internet Information Services) extensions to backdoor servers to create a “durable persistence mechanism.” This comes as the Microsoft 365 Defender Research Team warns that “IIS backdoors are harder to detect since they mostly reside in the same directories as legitimate modules used by target applications, and […]