Dark Reading

Web Shells Gain Sophistication for Stealth, Persistence

Web shells, a common type of post-exploitation tool that provides easy-to-use interface through which to issue commands to a compromised server, have become increasingly popular as attackers become ...
Statetechmagazine

How to Detect and Remove Threatening Web Shells

Tanya Candia is an international management expert, specializing for more than 25 years in information security strategy and communication for public- and private-sector organizations. Stealthy, ...
CSOonline

Patched Apache ActiveMQ bug abused to drop Godzilla web shells

The attack methods being used to abuse the bug can successfully circumvent security measures, evading detection by security endpoints during scanning. A patched critical remote code execution (RCE) ...
Dark Reading

Citrix Zero-Day: 7K Instances Remain Exposed, 460 Compromised

Several threat groups are actively exploiting a critical vulnerability in Citrix networking products. Three weeks after Citrix released a patch for its NetScaler ADC and NetScaler Gateway, researchers ...
CSOonline

Open-source monitor turns into an off-the-shelf attack beacon

Hackers used log poisoning and web shells to convert Nezha into a remote access tool targeting networks across East Asia. China-affiliated hackers have quietly turned a once-benign open-source network ...