Web shell warning issued by US and Australia

2020-04-27 11:09

The US National Security Agency and its Australian counterpart the Australian Signals Directorate have published a set of guidelines to help companies avoid a common kind of attack: web shell exploits.

A web shell is a malicious program, often written in a scripting language like PHP or Java Server Pages, that gives an attacker remote access to a system and lets them execute functions on a victim's web server.

Attackers often disguise web shells as innocuous-looking files that could pass for a component of the web application, enabling them to 'live off the land' by executing malicious commands unobtrusively and lurk undetected for a long time unless an admin is paying attention.

Web shell malware has been a threat for years and continues to evade detection from most security tools.

The Open Web Application Security Project also publishes a set of core intrusion prevention system rules that people should apply, the paper adds.

News URL

https://nakedsecurity.sophos.com/2020/04/27/web-shell-warning-issued-by-us-and-australia/

#australia #US #WEB