Russian ransomware takes advantage of Windows PowerShell

Discussion in 'malware problems & news' started by TheKid7, Mar 5, 2013.

Thread Status:
Not open for further replies.
  1. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,581
    Russian ransomware takes advantage of Windows PowerShell:
    http://nakedsecurity.sophos.com/2013/03/05/russian-ransomware-windows-powershell/
     
    TheKid7, Mar 5, 2013
    #1
  2. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,113
    Location:
    Sofa (left side)
    Nice. Any SRP users should really have an additional rule to deny Powershell execution, otherwise this bypasses SRP.
     
    Scoobs72, Mar 6, 2013
    #2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...