sLoad 2.0 -A PowerShell Based Malware Infecting Windows Systems
January 23rd, 2020 📆 | 2412 Views ⚑
Researchers from Microsoft discovered a new version of PowerShell Based Malware sLoad 2.0 that using Background Intelligent Transfer Service (BITS)
Browsing the "powershell" Tag
Tagged with: based • infecting • malware • powershell • sload • systems • windows
Configuration Hardening Assessment PowerShell Script
January 11th, 2020 📆 | 6153 Views ⚑
CHAPS is a PowerShell script for checking system security settings where additional software and assessment tools, such as Microsoft Policy
Tagged with: assessment • configuration • hardening • powershell • script
Windows Firewall Ruleset Powershell Scripts
January 4th, 2020 📆 | 2576 Views ⚑
About WindowsFirewallRuleset Rule group Traffic direction IP version (IPv4 / IPv6) Further sorted according to programs and services ICMP traffic
Tagged with: firewall • powershell • ruleset • scripts • windows
Powershell Script To Do Domain Auditing Automation
November 10th, 2019 📆 | 7730 Views ⚑
PowerShell Script to perform a quick AD audit _____ ____ _____ _ _ _ | _ | | _ |_
Tagged with: auditing • automation • domain • powershell • script
Cyber Security Summit 2016 – Session4 – Riktade angrepp med PowerShell & andra inbyggda verktyg
November 1st, 2019 📆 | 7646 Views ⚑
Få inblick i hur hackers utnyttjar befintlig infrastruktur för att genomföra riktade angrepp mot IT-miljöer, men vi ger dig även
Tagged with: angrepp • cyber • powershell • riktade • security • session4 • summit
Controlling PowerShell with zero trust microsegmentation – DigitalMunition
October 30th, 2019 📆 | 8467 Views ⚑
PowerShell is a highly customizable command-line tool that’s often enabled by default. With it, administrators can easily and quickly automate
Tagged with: controlling • digitalmunition • microsegmentation • powershell • trust
Controlling PowerShell with zero trust microsegmentation
October 29th, 2019 📆 | 6339 Views ⚑
PowerShell is a highly customizable command-line tool that’s often enabled by default. With it, administrators can easily and quickly automate
Tagged with: controlling • microsegmentation • powershell • trust
Ransomware Goes Fileless, Uses Malicious Documents and PowerShell to Encrypt Files
October 22nd, 2019 📆 | 6347 Views ⚑
In October 2019, we encountered a phishing campaign delivering a malicious Microsoft Word document that distributed ransomware with a twist.
Tagged with: documents • encrypt • fileless • files • malicious • powershell • ransomware
Lemon_Duck PowerShell Malware Targets Windows Users With Cryptojacking Campaign
October 6th, 2019 📆 | 1559 Views ⚑
A cryptojacking malware campaign called Lemon_Duck is repeatedly upgrading its attack scripts using open-source repositories, security researchers warn. Based on
Tagged with: cryptojacking • lemon • malware • powershell • targets • users • windows
Purple Fox Malware Spread by RIG Exploit Kit Capable of Abusing PowerShell
September 10th, 2019 📆 | 2216 Views ⚑
The RIG exploit kit is distributing a new variant of the Purple Fox downloader malware family that’s capable of abusing
Tagged with: abusing • capable • exploit • malware • powershell • purple • spread
Powershell-RAT | A Backdoor Tool to Extract Data via Gmail
September 2nd, 2019 📆 | 8314 Views ⚑
Powershell-RAT is a Python and Powershell script tool that has been made to help a pen tester during red team engagements
Tagged with: backdoor • extract • gmail • powershell
Microsoft Windows PowerShell privilege escalation [Disputed]
August 30th, 2019 📆 | 1808 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 4.9 $0-$5k A vulnerability classified as critical was found in Microsoft Windows
Tagged with: disputed • escalation • microsoft • powershell • privilege • windows
Windows PowerShell – Unsanitized Filename Command Execution
August 14th, 2019 📆 | 8331 Views ⚑
''' +] Credits: John Page (aka hyp3rlinx) +] Website: hyp3rlinx.altervista.org +] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt +] ISR: Apparition Security Vendor] www.microsoft.com Product]
Tagged with: command • execution • filename • powershell • unsanitized • windows
Microsoft Windows PowerShell Semicolon Remote Code Execution
August 6th, 2019 📆 | 6862 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 5.7 $5k-$25k A vulnerability classified as critical has been found in Microsoft
Tagged with: execution • microsoft • powershell • remote • semicolon • windows
Development stops on PowerShell Empire framework after project reaches its goal
August 1st, 2019 📆 | 1604 Views ⚑
Development of the PowerShell Empire framework, a well-known penetration-testing tool, has stopped this week after its creators said the project
Tagged with: after • development • empire • framework • powershell • project • stops
Microsoft PowerShell Core 6.1/6.2 Windows Defender Application Control privilege escalation
July 20th, 2019 📆 | 5132 Views ⚑
CVSS Meta Temp Score Current Exploit Price (≈) 5.3 $0-$5k A vulnerability was found in Microsoft PowerShell Core 6.1/6.2. It
Tagged with: application • control • defender • microsoft • powershell • privilege • windows
Powershell based Windows Auditing Tool
June 20th, 2019 📆 | 7300 Views ⚑
WINSpect is the PowerShell based windows auditing tool to enumerate and identify security weaknesses with windows platform and results of this audit can
Tagged with: auditing • based • powershell • windows
Microsoft Windows – UAC Protection Bypass (Via Slui File Handler Hijack) (PowerShell)
June 19th, 2019 📆 | 7031 Views ⚑
Interactive Version: function SluiHijackBypass(){ Param ( Parameter(Mandatory=$True)] String]$command, ValidateSet(64,86)] int]$arch = 64 ) #Create registry structure New-Item "HKCU:SoftwareClassesexefileshellopencommand" -Force Set-ItemProperty
Tagged with: bypass • handler • hijack • microsoft • powershell • protection • windows
[papers] Active Directory Enumeration with PowerShell
June 16th, 2019 📆 | 8265 Views ⚑
Active Directory Enumeration with PowerShell https://www.exploit-db.com/docs/english/46990-active-directory-enumeration-with-powershell.pdf
Tagged with: active • directory • enumeration • papers • powershell
“MuddyWater” Cyberspies Update PowerShell Backdoor
June 11th, 2019 📆 | 8507 Views ⚑
The cyber-espionage group known as MuddyWater has used an updated multi-stage PowerShell backdoor in recent campaigns, Trend Micro’s security researchers
Tagged with: attacks • backdoor • cyberspies • exploits • muddywater • powershell • update
Platinum Hackers Use Steganography to Mask C&C Communications
June 6th, 2019 📆 | 3634 Views ⚑
Hackers Use Steganographic Technique to Hide Communications With Command and Control Servers Attacks recently attributed to the "Platinum" cyber espionage group
Tagged with: attacks • communications • hackers • malware • platinum • powershell • steganographic • steganography • threat group
Researchers Dissect PowerShell Scripts Used by Russia-Linked Hackers
May 31st, 2019 📆 | 8578 Views ⚑
Security researchers from ESET have analyzed several PowerShell scripts used by the Russia-linked Turla threat group in recent attacks. Operating
Tagged with: attacks • dissect • exploits • hackers • linked • malware • powershell • PowerStallion • researchers • russia • scripts • turla
Turla turns PowerShell into a weapon in attacks against EU diplomats
May 30th, 2019 📆 | 4646 Views ⚑
Attacks have dropped dramatically since 2015: Is hacktivism dead? Hacktivist scene collapses as Anonymous hacker collective dies a slow death.
Tagged with: against • attacks • diplomats • powershell • turla • turns • weapon
A dive into Turla PowerShell usage
May 29th, 2019 📆 | 7253 Views ⚑
ESET researchers analyze new TTPs attributed to the Turla group that leverage PowerShell to run malware in-memory only Turla, also
Tagged with: powershell • turla • usage
-
-
Popular
BREAKING: Feds Have Evidence Bezos’ Girlfriend Gave… January 25, 2020 Federal prosecutors reportedly have evidence showing that Jeff Bezos’ girlfriend,…
CIA hacking tools used to target 40 groups globally,… December 31, 2019 The CIA hacking tools exposed last month by WikiLeaks were…
Three States Launch New Data Breach Notification… January 1, 2020 Companies in Texas, Illinois, and Oregon will have new notification…
Don’t Ignore Chrome’s New Password… January 19, 2020 A strong password is one that's difficult for a human…
Emotet Unveils New Attacks, C&C URI Structure December 30, 2019 Last week in security news, researchers observed Emotet ringing out…
January 2020 Patch Tuesday forecast: Let’s… January 10, 2020 The holidays are over, and another Patch Tuesday is rapidly…
Macy’s data breach caused by a customized… January 2, 2020 Dive Brief: After Macy's disclosed a data breach last month,…
Comments