EnlargeBeeBright / Getty Images / iStockphoto
Researchers have discovered a clever piece of malware that stealthily exfiltrates data and executes malicious code from Windows systems by abusing a feature in Microsoft Internet Information Services (IIS).
IIS is a general-purpose web server that runs on Windows devices. As a web server, it accepts requests from remote clients and returns the appropriate response. In July 2021, network intelligence company Netcraft said there were 51.6 million instances of IIS spread across 13.5 million unique domains.
IIS offers a feature called Failed Request Event Buffering that collects metrics and other data about web requests
→ Continue reading at Ars Technica