Experimental News Clipping Site

Tag: PowerShell

  • Krebs on Security: This Windows PowerShell Phish Has Scary Potential

    by

    system automation
    in

    Source URL: https://krebsonsecurity.com/2024/09/this-windows-powershell-phish-has-scary-potential/ Source: Krebs on Security Title: This Windows PowerShell Phish Has Scary Potential Feedly Summary: Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard…

  • Hacker News: Attacking PowerShell Clixml Deserialization

    by

    system automation
    in

    Source URL: https://www.truesec.com/hub/blog/attacking-powershell-clixml-deserialization Source: Hacker News Title: Attacking PowerShell Clixml Deserialization Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text details a series of research findings related to security vulnerabilities associated with PowerShell’s CLIXML deserialization mechanism. Specifically, it highlights the risks stemming from the serialization and deserialization processes in PowerShell, emphasizing how these…

  • Cloud Blog: PEAKLIGHT: Decoding the Stealthy Memory-Only Malware

    by

    system automation
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/peaklight-decoding-stealthy-memory-only-malware/ Source: Cloud Blog Title: PEAKLIGHT: Decoding the Stealthy Memory-Only Malware Feedly Summary: Written by: Aaron Lee, Praveeth DSouza TL;DR Mandiant identified a new memory-only dropper using a complex, multi-stage infection process. This memory-only dropper decrypts and executes a PowerShell-based downloader. This PowerShell-based downloader is being tracked as PEAKLIGHT. Overview Mandiant Managed Defense…