CSOonline

How to log and monitor PowerShell activity for suspicious scripts and commands

Attackers are increasingly abusing sanctioned tools to subvert automated defenses. Tracking your Windows fleet’s PowerShell use — especially consultant workstations — can provide early indications of ...
CSOonline

Beware PowerShell: Too-helpful users tricked into ‘fixing’ their machines with malware

Attackers are using social engineering to get users to copy, paste, and run malicious scripts — all while thinking they are helping out the IT team. It’s bad enough that crooks foist malware on us for ...