Russian ransomware takes advantage of Windows PowerShell

Discussion in 'malware problems & news' started by TheKid7, Mar 5, 2013.

Thread Status:
Not open for further replies.
  1. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    Russian ransomware takes advantage of Windows PowerShell:
    http://nakedsecurity.sophos.com/2013/03/05/russian-ransomware-windows-powershell/
     
  2. Scoobs72

    Scoobs72 Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    1,108
    Location:
    Sofa (left side)
    Nice. Any SRP users should really have an additional rule to deny Powershell execution, otherwise this bypasses SRP.
     
Loading...
Thread Status:
Not open for further replies.