Transcription of Detect and Prevent Web Shell Malware
{{id}} {{{paragraph}}}
U/OO/134094-20 PP-20-0901 21 APRIL 2020 Cybersecurity Information National Security Agency Detect and Prevent Web Shell Malware Summary Cyber actors have increased the use of web Shell Malware for computer network exploitation [1][2][3][4]. Web Shell Malware is software deployed by a hacker, usually on a victim s web server. It can be used to execute arbitrary system commands, which are commonly sent over HTTP or HTTPS. Web Shell attacks pose a serious risk to DoD components. Attackers often create web shells by adding or modifying a file in an existing web application. Web shells provide attackers with persistent access to a compromised network using communication channels disguised to blend in with legitimate traffic.
Apr 22, 2020 · Web shell malware is a long-standing, pervasive threat that continues to evade many security tools. Cyber actors deploy web shells by exploiting web application vulnerabilities or uploading to otherwise compromised systems. Web shells can serve as persistent backdoors or as relay nodes to route attacker commands to other systems.
Domain:
Source:
Link to this page:
Please notify us if you found a problem with this document:
{{id}} {{{paragraph}}}