Explore the evolution and inner workings of Internet Information Services (IIS) malware in this 37-minute Black Hat conference talk. Delve into the extensible architecture of Microsoft's web server software and how threat actors exploit it to intercept and modify network traffic. Learn about the progression from early IIS malware targeting e-commerce payment information to more recent sophisticated attacks on government institutions. Examine the deployment of IIS backdoors through Microsoft Exchange vulnerabilities and gain insights into the anatomy of native IIS malware. Presented by Zuzana Hromcova, this talk provides a comprehensive overview of IIS-based threats and their impact on web security.