WeLiveSecurity

A dive into Turla PowerShell usage

Turla, also known as Snake, is an infamous espionage group recognized for its complex malware. To confound detection, its operators recently started using PowerShell scripts that provide direct, ...
CSOonline

Cryptominers and fileless PowerShell techniques make for a dangerous combo

This new dual-payload cryptojacking malware can disable Windows Antimalware Scan Interface and inject itself directly into memory of legitimate processes. Along with ransomware, cryptocurrency mining ...
Infosecurity-magazine.com

LummaC2 Infostealer Resurfaces With Obfuscated PowerShell Tactics

LummaC2, an infostealer malware actively exploiting PowerShell commands, has resurfaced to infiltrate and exfiltrate sensitive data. Discovered by cybersecurity researchers at Ontinue, the malware’s ...
Bleeping Computer

Malware Retrieves PowerShell Scripts from DNS Records

Malware researchers have come across a new Remote Access Trojan (RAT) that uses a novel technique to evade detection on corporate networks by fetching malicious PowerShell commands stored inside a ...
CSOonline

Ursnif Trojan is back with fileless persistence

Researchers warn about a new wave of attacks with an information-stealing Trojan called Ursnif that uses PowerShell and fileless execution mechanisms, making it harder to detect. Some of the attacks ...
PC World

Documents with malicious macros deliver fileless malware to financial-transaction systems

Spammed Word documents with malicious macros have become a popular method of infecting computers over the past few months. Attackers are now taking it one step further by using such documents to ...