by Frank Ully
This article is the first in a multi-part series about Windows PowerShell: how attackers abuse it, how incident responders can detect these attacks, and how IT security managers can prevent them in the first place. Advanced attackers regularly use scripts written in PowerShell as part of their attack toolchain. This is because Windows PowerShell, Microsoft’s task automation and configuration management framework, and the scripting language of the same name are now tightly integrated into modern Windows installations.