Cranefly group unleashes nasty little technique using Microsoft Internet Information Services (IIS) logs

A threat group that targets corporate emails is delivering dropper malware through a novel technique that uses Microsoft Internet Information Services (IIS) logs to send commands disguised as web access requests.…