Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Microsoft PowerShell Increasingly Used as Malware-Disseminating Tool

Microsoft PowerShell, which replaces the command line of Windows software, is now being targeted with malware attacks while Symantec a security software firm asserts having observed PowerShell malware incidences increasing 95.4%.

IT professionals using the Windows operating system and working with Microsoft PowerShell laud the tool's highly powerful capability. Hence, the software giant based in Redmond has taken a step to categorize PowerShell a default shell within Windows OS. However, according to security researchers, cyber-crooks too are utilizing it more-and-more to spread malware. News.softpedia.com posted this, December 10, 2016.

There are other functions of PowerShell such as it helps uninstall security software, sniff passwords and identify sandboxes. The tool is already obtainable while is into existence since approximately 10-yrs. It's a default item that's automatically activated.

Symantec has detected malevolent PowerShell scripts while noting a rapid increase in the total threats particularly when enterprises widely use the shell module.

The security firm says that the majority of malevolent PowerShell scripts get utilized as downloads and sometimes also as Office macros. Eventually they're utilized for running code on certain PC followed with subsequently disseminating malicious software all over the network.

As per Symantec, system administrators should ensure that computers have PowerShell's latest version as well as enable monitoring options/extended logging.

Three well-known malware categories such as JS.Downloader, Trojan.Kotver, and W97M.Downloader are currently proliferating accompanied with malevolent PowerShell scripts. Of the total examined samples, they're respectively 4.0%, 4.5% and 9.4%.

Further, PowerShell scripts, which are more complex and work in phases, too are getting made; therefore, rather than hijack the target PC straight away, these are connected with another kind of script which ultimately installs the malware. Consequently, some specific protection applications/security solutions are easily bypassed; however, occasionally certain scripts get created for uninstalling these security products alternatively grabbing passwords from an entire network.

Most appropriately, protection from the kind of threats requires using fully updated security software along with the most recent edition of PowerShell. Furthermore, considering that the majority of scripts get served through e-mail, clicking on web-links, files or scripts should be avoided if they arrive from suspicious sources.

ยป SPAMfighter News - 12/15/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page