TechRadar

Microsoft reveals huge growth in web shell attacks

The number of malicious web shells installed on web servers increased significantly last year and between August and January of 2021, Microsoft registered an average of 140,000 encounters of these ...
ZDNet

Microsoft says it detects 77,000 active web shells on a monthly basis

This ebook, based on the latest ZDNet/TechRepublic special feature, offers a detailed look at how to build risk management policies to protect your critical digital assets. Read now In a blog post ...
Threat Post

BumbleBee Opens Exchange Servers in xHunt Spy Campaign

The BumbleBee web shell allows APT attackers to upload and download files, and move laterally by running commands. A webshell called BumbleBee has taken flight in an ongoing xHunt espionage campaign ...
ZDNet

NSA shares list of vulnerabilities commonly exploited to plant web shells

US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property. Read now The US National Security ...
Dark Reading

What You Need to Know -- or Remember -- About Web Shells

Malware known as China Chopper is behind the recent headline-making attacks against vulnerable Microsoft Exchange Servers worldwide. China Copper is a type of malicious software known as a Web shell, ...
Dark Reading

Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...
CSOonline

China’s Volt Typhoon exploits Versa zero-day to hack US ISPs and IT firms

The Chinese APT group leveraged the vulnerability to deploy a web shell that stole credentials from Versa Director SD-WAN deployments of ISPs, MSPs, and IT companies. State-sponsored Chinese hackers ...