• Latest
  • Trending
  • All
  • News
  • Business
  • Politics
  • Science
  • World
  • Lifestyle
  • Tech
Securing Remote Work Setups in the Age of COVID-19

Microsoft says it detects 77,000 active web shells on a daily basis

November 26, 2020
Innovative solutions for IT workers at home

ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

February 24, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

ZEDEDA integrates with Microsoft Azure IoT to provide full lifecycle management capabilities

February 24, 2021
Innovative solutions for IT workers at home

SolarWinds Attack: Proof That On-Premises Active Directory Still an Effective Initial Access Vector

February 23, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft Affirms Solorigate Attackers Saw Azure, Intune and Exchange Source Code

February 23, 2021
How to use Microsoft Sysmon, Azure Sentinel to log security events

OPS101 – Securing your Hybrid environment – Part 1 – Azure Security Center

February 22, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft Ending Azure Information Protection Connections to Microsoft Defender for Endpoint

February 22, 2021
8×8 makes raft of updates to platform

Indonesian Mobile Operator Selects NTT for Microsoft Security Project

February 22, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

NTT completes Microsoft security project for Indonesian mobile operator

February 19, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Data insights without limit, security without compromise

February 18, 2021
8×8 makes raft of updates to platform

What Is Object Storage?

February 17, 2021
Microsoft To Open Azure Cloud Data Center Region In Spain

EMC Corporation Townsend security Hewlett-Packard Enterprise Gemalto N.V. Microsoft Azure Google Thales e-security International Business Machines (IBM) Broadcom

February 17, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Azure Firewall Premium now in preview

February 17, 2021
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Thursday, February 25, 2021
  • Login
Azure Security News
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
    • Home – Layout 4
    • Home – Layout 5
  • News
    • All
    • Business
    • Politics
    • Science
    • World
    Innovative solutions for IT workers at home

    ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

    A moment of reckoning: the need for a strong and global cybersecurity response

    ZEDEDA integrates with Microsoft Azure IoT to provide full lifecycle management capabilities

    Innovative solutions for IT workers at home

    SolarWinds Attack: Proof That On-Premises Active Directory Still an Effective Initial Access Vector

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Affirms Solorigate Attackers Saw Azure, Intune and Exchange Source Code

    8×8 makes raft of updates to platform

    Indonesian Mobile Operator Selects NTT for Microsoft Security Project

    Microsoft To Build New Azure Cloud Data Centers In Greece

    NTT completes Microsoft security project for Indonesian mobile operator

    A moment of reckoning: the need for a strong and global cybersecurity response

    Data insights without limit, security without compromise

    8×8 makes raft of updates to platform

    What Is Object Storage?

    A moment of reckoning: the need for a strong and global cybersecurity response

    Azure Firewall Premium now in preview

    Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

    Global Industrial Cybersecurity Market By Offering Type, By Security Type, By End User, By Region, Industry Analysis and Forecast, 2020 – 2026

    Trending Tags

    • Donald Trump
    • Future of News
    • Climate Change
    • Market Stories
    • Election Results
    • Flat Earth
  • Tech
    • All
    • Apps
    • Gear
    • Mobile
    • Startup
    How to use Microsoft Sysmon, Azure Sentinel to log security events

    OPS101 – Securing your Hybrid environment – Part 1 – Azure Security Center

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Ending Azure Information Protection Connections to Microsoft Defender for Endpoint

    Microsoft To Open Azure Cloud Data Center Region In Spain

    EMC Corporation Townsend security Hewlett-Packard Enterprise Gemalto N.V. Microsoft Azure Google Thales e-security International Business Machines (IBM) Broadcom

    A moment of reckoning: the need for a strong and global cybersecurity response

    Azure Engineer at VillageMD

    Innovative solutions for IT workers at home

    How to Sync On-Premise Active Directory Passwords with Office 365 and Google Apps in Real-Time

    Microsoft Azure Forms Collaboration to Enhance AI in Healthcare

    Azure Defender is now available for all IoT and OT devices

    Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

    Google and Microsoft ID Group Targeting Security Researchers

    Innovative solutions for IT workers at home

    Microsoft Releases Application Guard for Office, Plus Azure Security Center and Azure Defender for IoT Products

    Microsoft spins off security, compliance bits from Microsoft 365’s priciest plan for E3 customers

    Show your HR backups the back door

    How to use Microsoft Sysmon, Azure Sentinel to log security events

    The Hack Roundup: Biden Orders Intel Assessment of Suspected Russian Malfeasance

    Trending Tags

    • Flat Earth
    • Sillicon Valley
    • Mr. Robot
    • MotoGP 2017
    • Golden Globes
    • Future of News
  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    • Sports
    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Meet the woman who’s making consumer boycotts great again

    New campaign wants you to raise funds for abuse victims by ditching the razor

    Twitter tweaks video again, adding view counts for some users

    A beginner’s guide to the legendary Tim Tam biscuit, now available in America

    People are handing out badges at Tube stations to tackle loneliness

    Trump’s H-1B Visa Bill spooks India’s IT companies

    Magical fish basically has the power to conjure its own Patronus

    This Filipino guy channels his inner Miss Universe by strutting in six-inch heels and speedos

    Oil spill off India’s southern coast leaves fisherman stranded, marine life impacted

  • Lifestyle
    • All
    • Fashion
    • Food
    • Health
    • Travel
    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Offers More ‘Solorigate’ Advice Using Microsoft 365 Defender Tools

    A moment of reckoning: the need for a strong and global cybersecurity response

    Solar Winds, Office 365 & Shipbuilding…

    Aruba ClearPass Policy Manager Integrates with Microsoft

    Imprivata Expands Collaboration with Microsoft on New Digital Identity Innovations

    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Canada’s 10 biggest stories of 2020

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    AMD breaks revenue records for 2019 and 4Q

    AMD breaks revenue records for 2019 and 4Q

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft is killing off insecure Cloud App Security cipher suites

    Microsoft is killing off insecure Cloud App Security cipher suites

    Rap group call out publication for using their image in place of ‘gang’

    Meet the woman who’s making consumer boycotts great again

    Trending Tags

    • Golden Globes
    • Mr. Robot
    • MotoGP 2017
    • Climate Change
    • Flat Earth
No Result
View All Result
Azure Security News
No Result
View All Result
Home News

Microsoft says it detects 77,000 active web shells on a daily basis

by AZURE SECURITY NEWS EDITOR
November 26, 2020
in News
0
Securing Remote Work Setups in the Age of COVID-19
497
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

Microsoft detects and tracks a daily average of around 77,000 active web shells, spread across 46,000 infected servers.

Image: Microsoft

In a blog post promoting the capabilities of its commercial security platform — the Microsoft Defender ATP — Microsoft said that on a daily basis the company’s security team detects and tracks on average around 77,000 active web shells, spread across 46,000 infected servers.

But while the Microsoft blog post goes on to promote Defender ATP’s industry-recognized detection capabilities, the nugget in Microsoft’s recent marketing material is the 77,000 and 46,000 daily statistics.

These two numbers are staggering in terms of size, and especially the 77,000 figure, which is far far larger than any previous reports about web shell prevalence.

For example, earlier this month GoDaddy’s Sucuri reported on cleaning around 3,600 web shells from hacked websites during all last year, in 2019, a number dwarfed by Microsoft’s daily detection count.

WHAT’S A WEB SHELL

Microsoft’s numbers highlight the prevalence of these tools in the today’s hackers’ arsenals — where web shells are considered a must for every threat actor, from lowly hacktivist groups defacing websites to state-sponsored cyber-espionage groups.

Web shells are crucial because of their functions. For non-technical ZDNet readers that have not encountered the term until today, a “web shell” refers to a malicious program or script that’s installed on a hacked server.

They provide a visual interface that hackers can use to interact with the hacked server and its filesystem. Most web shell contain basic functions to rename, copy, move, and even edit or upload new files on a server. They can also be used to change file and directory permissions, or archive and download (steal) data from the server.

Hackers usually install web shells by exploiting vulnerabilities in internet-facing servers or web applications (such as CMS, CMS plugins, CMS themes, CRMs, intranets, etc.).

Web shells can be written in any programming language, from Go to PHP. This allows hackers to hide web shells inside any website’s code under generic names (like index.asp or uploader.php), which makes detection by a human operator almost impossible without the aid of a web firewall or web malware scanner.

If a web shell is discovered, a backdoor script is also often nearby. Web shells and backdoor scripts are often used together. Hackers usually breach a server, plant a web shell to allow them to interact with its filesystem, and then they install a backdoor — which is an automated script that reinstalls the web shell at regular intervals, or keeps alive a way for the hacker to reinfect the server if the web shell is ever discovered and removed.

Today’s most popular web shell is, by far, a tool called China Chopper. First spotted in 2012, this small but feature-packed web shell, is the work of Chinese hackers. It was released on a Chinese hacking forum, from where it was universally adopted by almost every threat actor across the globe.

In its blog post yesterday, Microsoft warned system administrators to take web shells seriously. Based on their past investigations, Microsoft says hackers often used web shells to upload other hacking tools on a victim’s systems, tools that were later used for reconnaissance operations and lateral movement across a victim’s internal network, making simple web server hacks into much bigger security incidents.

Reference: https://www.zdnet.com/article/microsoft-says-it-detects-77000-active-web-shells-on-a-daily-average/

Share199Tweet124Share50
AZURE SECURITY NEWS EDITOR

AZURE SECURITY NEWS EDITOR

Related Posts

Innovative solutions for IT workers at home

ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

by AZURE SECURITY NEWS EDITOR
February 24, 2021
0

Native integration with ZEDEDA’s orchestration solution for the distributed edge enables end-to-end remote management of the entire Azure IoT Edge...

A moment of reckoning: the need for a strong and global cybersecurity response

ZEDEDA integrates with Microsoft Azure IoT to provide full lifecycle management capabilities

by AZURE SECURITY NEWS EDITOR
February 24, 2021
0

ZEDEDA announced an integration with Microsoft Azure IoT services that provides customers with full lifecycle management capabilities (edge hardware, OS, Azure IoT Edge...

Innovative solutions for IT workers at home

SolarWinds Attack: Proof That On-Premises Active Directory Still an Effective Initial Access Vector

by AZURE SECURITY NEWS EDITOR
February 23, 2021
0

In December, the disclosure of the supply chain attack against SolarWinds sent shockwaves throughout federal agencies responsible for the security...

A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft Affirms Solorigate Attackers Saw Azure, Intune and Exchange Source Code

by AZURE SECURITY NEWS EDITOR
February 23, 2021
0

Microsoft has reconfirmed that the "Solorigate" advanced persistent threat attackers saw some of its source code, although "only a few individual files...

  • Trending
  • Comments
  • Latest
Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

AZURE DEFAULT RESOURCE GROUP AND DEFAULT WORKSPACE: WHAT ARE THEY?

December 14, 2020
Microsoft Seriously Beefs Up Security in Windows Server 2019

TCS Launches Cloud Exponence on Microsoft Azure

January 21, 2021
Microsoft Launches Host of Security Products in Time for RSA

Microsoft to add two new Microsoft 365 security, compliance bundles to its line-up

November 26, 2020

Lady Gaga Pulled Off One of the Best Halftime Shows Ever

0

Barack Obama’s Now Mainly Focusing on Wearing This Casual Backwards Hat

0

Watch Justin Timberlake’s ‘Cry Me a River’ Come to Life in Mesmerizing Dance

0
Innovative solutions for IT workers at home

ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

February 24, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

ZEDEDA integrates with Microsoft Azure IoT to provide full lifecycle management capabilities

February 24, 2021
Innovative solutions for IT workers at home

SolarWinds Attack: Proof That On-Premises Active Directory Still an Effective Initial Access Vector

February 23, 2021
Azure Security News

Copyright © 2020 - Azure Security

Navigate Site

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Follow Us

No Result
View All Result
  • Home
  • News
    • Politics
    • Business
    • World
    • Science
  • Entertainment
    • Gaming
    • Music
    • Movie
    • Sports
  • Tech
    • Apps
    • Gear
    • Mobile
    • Startup
  • Lifestyle
    • Food
    • Fashion
    • Health
    • Travel

Copyright © 2020 - Azure Security

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In