Bad news from the trenches of the eternal battle between white hats and black hats, as attackers have moved from infecting files on drives to simply running PowerShell scripts in memory. That type of attack does not leave the same traces on your file system as previous styles of infection and renders your fancy antivirus software ineffective. A well crafted PowerShell script can happily sit in memory and convince your system to mine cryptocurrency, upload password files or completely map your network to assist in attacks against other machines.
"This finding is important because it is another reminder that admins can no longer solely rely on detecting malicious executables and similar data on hard drives and other storage, to identify cyber-intrusions."
Here is some more Tech News from around the web:
- Just a fifth of Windows 10 PCs are running the latest version @ The Inquirer
- Anti-cheat software causing big problems for Windows 10 previews @ Ars Technica
- We'll ask you one more time: Where's our DRAM money? @ The Register
- USB 3.2 is going to make USB branding even more awful @ The Inquirer