Infecting files? That's so naughties, we use PowerShell now

Bad news from the trenches of the eternal battle between white hats and black hats, as attackers have moved from infecting files on drives to simply running PowerShell scripts in memory.  That type of attack does not leave the same traces on your file system as previous styles of infection and renders your fancy antivirus software ineffective.  A well crafted PowerShell script can happily sit in memory and convince your system to mine cryptocurrency, upload password files or completely map your network to assist in attacks against other machines.

Read More