fbpx

Download free GDPR compliance checklist!

NSA shares list of vulnerabilities commonly exploited to plant web shells

The US National Security Agency (NSA) and the Australian Signals Directorate (ASD) have published a security advisory this week warning companies to search web-facing and internal servers for common web shells.

“Web shell” is a malicious program or script that’s installed on a hacked server. Web shells provide a visual interface that hackers can use to interact with the hacked server and its filesystem.

Hackers install web shells by exploiting vulnerabilities in internet-facing servers or web applications (such as CMS, CMS plugins, CMS themes, CRMs, intranets, or other enterprise apps, etc.).

Source: NSA shares list of vulnerabilities commonly exploited to plant web shells | ZDNet

>