Blog

Informative, up-to-date and exciting – the Oneconsult Cybersecurity Blog.

PowerShell IV – Memory forensics
|
29.06.2018
(updated on: 25.01.2024)

by Frank Ully

This is the fourth article in a multi-part series about Windows PowerShell and how attackers abuse it, how incident responders can detect these attacks – and how IT security managers can prevent them in the first place. This article provides a general introduction to memory forensics, a relatively new method of investigation for incident responders and IT forensic experts against modern threats such as PowerShell attacks. [read the German article]

Categories

All Categories
News & Advisories
Pen Tester's Diary
DFIR Analyst's Diary

This might also be of interest to you:

Autor

Keine Beschreibung verfügbar.
Never want to miss anything again?

Subscribe to our news feed on LinkedIn and register to receive our newsletter.

Sign up for our Newsletter
Privacy Statement

Don’t miss anything! Subscribe to our free newsletter.

Your security is our top priority – our specialists provide you with professional support.

Availability Monday to Friday 8:00 a.m. – 6:00 p.m (exception: customers with SLA – please call the 24/7 IRR emergency number).

Private individuals please contact your trusted IT service provider or the local police station.

  • What and who is affected?
  • Who discovered and reported the incident?
  • How and when was the incident noticed?
  • What did you observe?
  • What are you concerned about in connection with the incident?
  • What actions have already been taken?

For more information about our DFIR services here:

QR_CSIRT_2022_EN@2x
Add CSIRT to contacts