CSOonline

SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability

The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant full access to servers and allow installing additional malware payloads.
Dark Reading

What You Need to Know -- or Remember -- About Web Shells

Malware known as China Chopper is behind the recent headline-making attacks against vulnerable Microsoft Exchange Servers worldwide. China Copper is a type of malicious software known as a Web shell, ...
The Hacker News

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

A newly identified China-linked threat cluster, OP-512, is targeting Microsoft IIS servers with a custom three-web-shell ...
ZDNet

Microsoft says it detects 77,000 active web shells on a monthly basis

This ebook, based on the latest ZDNet/TechRepublic special feature, offers a detailed look at how to build risk management policies to protect your critical digital assets. Read now In a blog post ...