Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team.
“Instead of exposing command execution through URL parameters or request bodies, these web shells rely on threat actor-supplied cookie values to gate execution,

Source

What's Hot

Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

FBI Dismantles $20m Phishing Operation W3LL

Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

FBI Dismantles $20m Phishing Operation W3LL

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Our Picks

AI-powered financial scams swamp social media

When ‘hacking’ your game becomes a security risk

Common Apple Pay scams, and how to stay safe

Subscribe to Updates

What's Hot

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Related Posts

Subscribe to Updates