ExtraHop has announced new capabilities to detect the malicious use of PowerShell. These enhancements provide the visibility needed to disrupt the attack kill chain and deliver insight to stop lateral movement in its tracks. Remote management tools like PowerShell have become a notable weapon for attackers, like the Qilin Ransomware-as-a-Service (RaaS) operation, which has hit many high-value organizations globally including several UK hospitals. Threat actors often use PowerShell for living-off-the-land to go under the radar … More →
The post New ExtraHop capabilities target malicious PowerShell use across enterprise environments appeared first on Help Net Security.
http://news.poseidon-us.com/TP4xjX
