U.S. National Security Agency and Australian Signals Directorate issue joint advisory warning of web shells. A Web shell is malicious code that attackers can deploy within vulnerable web servers to execute arbitrary system commands over HTTPS. The advisory offers guidance for how to detect web shells within infected web servers and networks. It also offers methods for removing these malicious tools and preventing attackers from taking advantage of unpatched servers. An average of 77,000 web shells were detected within about 46,000 machines every month.”]
Source: https://www.cuinfosecurity.com/attackers-increasingly-using-web-shells-to-create-backdoors-a-14179