CSO Online

WhatsApp malware campaign uses malicious VBS files to gain persistent access

The attack chain relies on delayed execution, trusted Windows utilities, and legitimate hosting services to maintain ...
CSOonline

How to log and monitor PowerShell activity for suspicious scripts and commands

Attackers are increasingly abusing sanctioned tools to subvert automated defenses. Tracking your Windows fleet’s PowerShell use — especially consultant workstations — can provide early indications of ...
Dark Reading

FileFix Attack Chain Enables Malicious Script Execution

A security researcher has discovered a FileFix attack chain that allows a threat actor to execute malicious scripts while bypassing the Mark of the Web (MoTW) protection in Windows. ClickFix is a ...