Cybersecurity agencies: You don’t have to delete PowerShell to secure it

Credit to Author: Pieter Arntz| Date: Fri, 24 Jun 2022 11:34:04 +0000

International cybersecurity authorities have published a Cybersecurity Information Sheet on making it harder to abuse PowerShell.

The post Cybersecurity agencies: You don’t have to delete PowerShell to secure it appeared first on Malwarebytes Labs.

Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis

Credit to Author: Threat Intelligence Team| Date: Mon, 16 May 2022 10:00:00 +0000

Malwarebytes Threat Intelligence has uncovered an attack using the lure of information about the war in Ukraine to target people in Germany.

The post Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis appeared first on Malwarebytes Labs.

Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique

Credit to Author: Threat Intelligence Team| Date: Tue, 05 Apr 2022 18:36:35 +0000

We discovered an interesting trick used by Colibri Loader to survive reboots that takes advantage of a legitimate command in PowerShell.

The post Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique appeared first on Malwarebytes Labs.

How I learned to stop worrying and love ‘grey hat’ tools

Credit to Author: Tad Heppner| Date: Tue, 25 Feb 2020 13:45:19 +0000

A comprehensive security solution needs a sense of subtlety: not all machine code lends itself to be classified easily as malicious. As with most things in life, there’s a grey area in malware detection that includes hacking tools, poorly designed or easily exploitable applications, or borderline adware that provides little benefit to the unfortunate user […]
