According to research published by Microsoft's Detection and Response Team, attacks that planted web shells rose to an average of 140,000 incidents per month between August 2020 and January 2021, almost double the average of 77,000 per month that Microsoft observed one year ago. A web shell is a small active web page, usually written in PHP, ASP, or JSP, that attackers upload to a victim web server in order to remotely control the server, steal files and passwords from the company that maintains the server, attack other internal systems from the web server, and upload malware files to distribute to other victims. Attackers typically implant web shells by exploiting security vulnerabilities in Internet-facing servers, often through out-of-date Content Management Systems (CMS) and plug-ins that allow arbitrary files to be uploaded without proper filtering.
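One defensive check that follows from the upload vector described above, as an added example that is not part of Microsoft's research or the original article: sweep a directory meant to hold only user-uploaded static content for files with PHP, ASP or JSP script extensions, or with script markers behind an image-style name. The extension list, marker list, function names and sample tree are assumptions constructed for this illustration.

```python
import pathlib
import tempfile

# Server-side script extensions for the languages the article names (plus variants).
SCRIPT_EXTS = {"php", "phtml", "php5", "asp", "aspx", "ashx", "jsp", "jspx"}
# Byte markers of server-side code hidden behind a harmless-looking file name.
CODE_MARKERS = (b"<?php", b"<%@ page", b"<script runat")

def audit_upload_dir(root):
    """Return (relative_path, reason) for files that do not belong in an upload dir."""
    findings = []
    for path in sorted(pathlib.Path(root).rglob("*")):
        if not path.is_file():
            continue
        rel = path.relative_to(root).as_posix()
        # Check every dot-separated part so "avatar.php.jpg" is caught too.
        parts = [p.lower() for p in path.name.split(".")[1:]]
        hit = next((p for p in parts if p in SCRIPT_EXTS), None)
        if hit:
            findings.append((rel, "script extension ." + hit))
            continue
        try:
            with path.open("rb") as fh:
                head = fh.read(4096).lower()
        except OSError:
            continue  # unreadable file: skipped here, worth logging in practice
        marker = next((m for m in CODE_MARKERS if m in head), None)
        if marker:
            findings.append((rel, "contains " + marker.decode()))
    return findings

def build_sample_tree(root):
    samples = {  # constructed sample data standing in for a CMS upload directory
        "2021/01/logo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
        "2021/01/up.php": b"<?php /* inert placeholder */ ?>",
        "2021/02/avatar.php.jpg": b"\xff\xd8\xff\xe0 constructed",
        "2021/02/banner.gif": b"GIF89a<?php /* inert placeholder */ ?>",
        "2021/02/help.JSP": b'<%@ page language="java" %>',
    }
    for rel, data in samples.items():
        path = pathlib.Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, reason in audit_upload_dir(tmp):
            print(f"{rel}: {reason}")
```

A sweep like this reports files that already landed; the filtering the article refers to belongs at upload time, with the upload directory also configured so the web server never executes its contents.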