Trend Micro reported about the campaign targeting web servers. Attackers attempt to exploit vulnerabilities in web applications by sending HTTP requests that contain scripting code. The campaign is still ongoing; attacks are performed against Windows and Linux systems with Apache Struts or DotNetNuke installed. If the necessary patches are not installed, Monero cryptocurrency miner is downloaded and installed on the server.
Timely installation of updates will help protect against most attacks on your web servers. Also, you can use Web Application Security Framework to uncover brute-force attacks and any suspicious events on your resources.