You've probably heard of the xz-utils backdoor by now. You shouldn't submit backdoors to Open Source projects... unless it's to ronin-payloads! We're always looking for more payloads!
#opensource #ruby #payloads #shellcode #webshells #hacking #corny #shamelesspromotion
GitHub - ronin-rb/ronin-payloads: A Ruby micro-framework for writing and running exploit payloads


Sophos X-Ops is currently tracking a campaign by threat actors targeting unpatched #Citrix #NetScaler systems exposed to the internet. Our data indicates strong similarity between #attacks using CVE-2023-3519 delivering #malware and #webshells and previous attacks using a number of the same #TTPs.

#Sophosxops #threatintel #cve20233519

#Citrix CVE-2023-3519 Exploitation of Citrix Zero-Day by Possible Espionage Actors - a fascinating write-up by @Mandiant who performed analysis of the compromised #Netscaler appliance and all the planted #webshells

https://www.mandiant.com/resources/blog/citrix-zero-day-espionage


"🚨Citrix NetScaler ADC and Gateway Devices Under Attack: CISA Urges Immediate Action🚨"

CISA warns of a critical security flaw in Citrix NetScaler ADC and Gateway devices being exploited to drop web shells on vulnerable systems. Immediate action is advised!🔒💻

Source: [The Hacker News](https://thehackernews.com/2023/07/citrix-netscaler-adc-and-gateway.html)

Tags: #CISA #Citrix #NetScaler #ADC #Gateway #Cybersecurity #Vulnerability #WebShells #InfoSec 🌐🔐🔍

Citrix NetScaler ADC & Gateway devices are under attack. Upgrade now to mitigate the code injection bug (CVE-2023-3519)

Web shells are becoming increasingly prevalent on the threat landscape. But what are they, even? Our new series The Need to Know helps explain what #webshells are and how attackers use them https://blog.talosintelligence.com/what-is-a-web-shell/
What is a web shell?

What are web shells? And why are attackers increasingly using them in their campaigns? We break it down in this blog.


🚨A note to all #universities!

In the last two weeks alone, I have found #webshells at two universities. That means #hackers were already inside and left #backdoors behind.

⚠️ Scan your web servers for web shells!

Note: I deleted the original post because the image made it possible to draw conclusions about the affected system. Thx @richard

📢In a recent blog published by @bmcder02 you can learn how to detect malicious IIS modules and prevent web exploitation and web shells. 🤩 #cybersecurity #infosec #webshells

https://www.microsoft.com/en-us/security/blog/2022/12/12/iis-modules-the-evolution-of-web-shells-and-how-to-detect-them/

IIS modules: The evolution of web shells and how to detect them - Microsoft Security Blog

This blog aims to provide further guidance on detecting malicious IIS modules and other capabilities that you can use during your own incident response investigations.

ProxyLogon: when a US court ruling authorizes the FBI to remove the offending web shells without the victims' prior consent! | SOSOrdi.net - free IT news

Whitespace #Steganography Conceals Web #Shell in #PHP #Malware. Here’s what our #malware analyst Liam Smith discovered while recently working on a site containing multiple #backdoors and #webshells uploaded by hackers.
https://blog.sucuri.net/2021/02/whitespace-steganography-conceals-web-shell-in-php-malware.html?&web_view=true
#security
Whitespace Steganography Conceals Web Shell in PHP Malware

Our senior malware researcher describes how attackers are using whitespace obfuscation to upload fake license.php files and backdoors to compromised websites.