SANS ISC

[SANS ISC] Malicious Powershell Script Dissection

I published the following diary on isc.sans.edu: “Malicious Powershell Script Dissection”:

Here is another example of malicious Powershell script found while hunting. Such scripts remain a common attack vector and many of them can be easily detected just by looking for some specific strings. Here is an example of YARA rule that I’m using to hunt for malicious Powershell scripts… [Read more]

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.