kentoh - Fotolia

Risk & Repeat: FBI's web shell removal raises questions

By

Rob Wright, Senior News Director

Listen to this podcast

The FBI accessed computers -- without the knowledge or consent of the owners -- to remove hundreds of web shells placed in vulnerable Microsoft Exchange servers.

This week's Risk & Repeat podcast discusses the FBI's effort to remove malicious web shells from vulnerable Microsoft Exchange servers.

The Department of Justice this week announced the FBI took the unusual step of obtaining a court order to remotely access computers that were infected with web shells through a series of zero-day vulnerabilities in Microsoft Exchange Server. While the vulnerabilities were disclosed and patched last month, threat actors used these web shells to maintain backdoor access even after the patches were applied.

The court order allowed the FBI to access victims' computers -- without permission or notification -- and remove hundreds of web shells associated with a specific, unnamed threat group. The move raised questions about the FBI's authority, as well as the nature of the threat. SearchSecurity editors Rob Wright and Alex Culafi discuss those issues and more in this episode of Risk & Repeat.

5G NSA vs. SA: How do the deployment modes differ?
Non-standalone 5G uses a combination of existing 4G LTE architecture with a 5G RAN. Standalone 5G, on the other hand, uses a 5G ...
How network data models work with automation
Network data models can help network engineers with their automation strategies, thanks to the essential data they store about ...
A guide on how to learn network automation
Networks are always evolving, and network automation is the next step forward. From soft skills to AI, these skills are essential...

CIO

Where 2024 U.S. presidential candidates stand on tech issues
The next U.S. president will set the tone on tech issues such as AI regulation, data privacy and climate tech. This guide breaks ...
6 tips to plan a digital transformation budget
Formulating budgets for digital transformation projects is fraught with complexities, expectations and unknowns that ...
Businesses left in legal limbo with FTC noncompete ban
Employers need to start planning for compliance with the FTC noncompete ban, effective Sept. 4, despite uncertainty around ...

Enterprise Desktop

Understanding how GPOs and Intune interact
Group Policy and Microsoft Intune are both mature device management technologies with enterprise use cases. IT should know how to...
Comparing MSI vs. MSIX
While MSI was the preferred method for distributing enterprise applications for decades, the MSIX format promises to improve upon...
How to install MSIX and msixbundle
IT admins should know that one of the simplest ways to deploy Windows applications across a fleet of managed desktops is with an ...

Cloud Computing

Why should I use Docker containers vs. VMs for my cloud apps?
Containers and VMs have their own use cases, but one takes the lead in efficiency. Compare the two options, and see how Docker ...
Optimize Amazon Athena performance with these 5 tuning tips
Amazon Athena can provide an efficient, cost-effective method of data analysis. But did you properly optimize Athena performance ...
How to secure Azure Functions with Entra ID
Centralized identity management is vital to the protection of your organization's resources. Do you know how to secure Azure ...

ComputerWeekly.com

NHS Trusts cancelled over 6,000 appointments after Qilin cyber attack
The two NHS Trusts most heavily impacted by the Qilin ransomware attack on pathology services provider Synnovis have cancelled ...
Ericsson, Oppo ink global patent cross-licence agreement
Global comms tech firm teams with leading Asian smartphone provider on multi-year global cross licence covering cellular ...
Telecom Egypt makes nation’s 5G first
Tech provider announces partnership with leading Egyptian telco to bring 5G technology to the country for first time, aiming to ...

Close