Apr 14 2021

The FBI Is Now Securing Networks Without Their Owners’ Permission

Category: Cyber Threats, Threat detection, Threat Modeling
DISC @ 10:30 am

In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the later days when the Chinese probably realized that the vulnerabilities would soon be fixed, was to install a web shell in compromised networks that would give them subsequent remote access. Even if the vulnerabilities were patched, the shell would remain until the network operators removed it.

Now, months later, many of those shells are still in place. And they’re being used by criminal hackers as well.

On Tuesday, the FBI announced that it successfully received a court order to remove “hundreds” of these web shells from networks in the US.

Tags: Securing Networks
