Cyber attackers are increasingly leveraging web shell malware to get persistent access to compromised networks, the US National Security Agency and the Australian Signals Directorate warn.
Web shells are malicious scripts that are uploaded to target systems (usually web servers) to enable attackers to control it remotely. In affect, they create a backdoor into the target system.
The threat is not limited to internet-facing web servers, though, and can be deployed on non-internet facing internal content management systems or network device management interfaces.
Read more: Help Net Security