Ongoing Powershell security threats result in a call to action


The factors that make Microsoft Powershell valuable for IT admins, such as: B. the remote management and diagnostics of a PC, also make it useful for attackers.

Many attackers, including ransomware threat actors, use PowerShell as a post-exploitation tool.

A joint US, New Zealand and UK cybersecurity statement on Wednesday recommended organizations properly configure and monitor PowerShell rather than completely disabling the scripting language and command-line tool for Windows. The new report outlined security features in PowerShell to protect common attack vectors such as credentials and remote management configurations.

“PowerShell is essential for securing the Windows operating system, especially as newer versions have addressed previous limitations and concerns through updates and improvements,” states the government agency’s cybersecurity fact sheet.

Powershell benefits for admins and security teams include the ability to…

Source link

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.