NSA Shares Guide to Web Shell, Malware Vulnerabilities, Mitigation
The National Security Agency (NSA) and Australian Signals Directorate released an advisory urging organizations to be alert for common web shell and malware potentially found on web-facing and internal networks, as well as guidance detailing mitigation techniques.
Web shells are part of malicious codes used to gain footholds onto web servers and for proliferating compromise. They’re typically written in common web development programming languages, such as JSP.
Hackers typically create web shells by adding or modifying files within an existing web application and are often deployed on the victim’s web server. Web shells are able to be launched through exploited web applications vulnerabilities or “uploading to otherwise compromised systems.”
Further, cybercriminals will frequently connect web shells through...