Collaborate Disseminate
We analyze the latest activity by the Cloud Atlas gang. The attacks employ the PowerShower, VBShower and VBCloud modules to download victims’ data with various PowerShell scripts. Continue reading Cloud Atlas seen using a new tool in its attacks
Kaspersky experts analyze attacks by C.A.S, a cybergang that uses uncommon remote access Trojans and posts data about victims in public Telegram channels. Continue reading Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations
I have a server set up to run a PowerShell script every 15 minutes. This script needs to make API requests with keys and passwords. The script runs even when no user is logged in, so encryption based on the user profile wouldn’t make sense… Continue reading What’s the best method of securing keys/passwords used by a PowerShell script that runs when no user is logged in, using only one server, for free?
Have you lost your Windows 10 product key? You can find it listed in the operating system with a little know-how and a few simple commands. Continue reading How to Find Windows 10 Product Key in 3 Ways
Kaspersky experts describe an Elpaco ransomware sample, a Mimic variant, which abuses the Everything search system for Windows and provides custom features via a GUI. Continue reading Analysis of Elpaco: a Mimic variant
Kaspersky GERT experts have discovered in Colombia new Ymir ransomware, which uses RustyStealer for initial access and the qTox client for communication with its victims. Continue reading Ymir: new stealthy ransomware in the wild
Malicious CAPTCHA distributed through ad networks delivers the Amadey Trojan or the Lumma stealer, which pilfers data from browsers, password managers, and crypto wallets. Continue reading Lumma/Amadey: fake CAPTCHAs want to know if you’re human
Managing files and folders is a crucial part of many automation tasks, and you can do it efficiently via PowerShell. PowerShell allows you to perform various tasks. One such thing is the ability to check whether files and folders exist on your system. … Continue reading How to check if File and Folders exists using PowerShell
I’m trying to export users with their Role from AzureAD with the PowerShell script bellow.
When I execute the script I get an Excel file with four columns: Username, email, role and Description. But the columns of Role and Description are … Continue reading Problem, extraction Role of users from AzureAD by powersell [closed]
From a detection standpoint, when pivoting inside a network what difference (if any) is there between establishing a remote connection between using Enter-PSSession -ComputerName PC1 vs winrs -r:PC1 powershell?
Continue reading Difference between PS Remoting and Winrs from a detection standpoint