Security News > 2020 > April > Web shell warning issued by US and Australia
The US National Security Agency and its Australian counterpart the Australian Signals Directorate have published a set of guidelines to help companies avoid a common kind of attack: web shell exploits.
A web shell is a malicious program, often written in a scripting language like PHP or Java Server Pages, that gives an attacker remote access to a system and lets them execute functions on a victim's web server.
Attackers often disguise web shells as innocuous-looking files that could pass for a component of the web application, enabling them to 'live off the land' by executing malicious commands unobtrusively and lurk undetected for a long time unless an admin is paying attention.
Web shell malware has been a threat for years and continues to evade detection from most security tools.
The Open Web Application Security Project also publishes a set of core intrusion prevention system rules that people should apply, the paper adds.
News URL
https://nakedsecurity.sophos.com/2020/04/27/web-shell-warning-issued-by-us-and-australia/