Welcome to our Cyber Security News Aggregator.

Cyber Tzar provide a cyber security risk management platform, including automated penetration tests and risk assessments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Bypassing PowerShell Strong Obfuscation, (Thu, Mar 30th)

published on 2023-03-30 07:40:48 UTC by
Content:
Yesterday, I found a malicious PowerShell script that was heavily obfuscated. The filename is “B0A4.ps1”[1] (SHA256: b4814c8db16ecdd7904e81186715bf2a4b4ba28ef5853a41a8f59824f47f8f24), reported with a very low score on VirusTotal: 6/58. The file size is abnormal for a script like this (496KB). A first look at it reveals that it has been strongly obfuscated:
Article: Bypassing PowerShell Strong Obfuscation, (Thu, Mar 30th) - published over 1 year ago.

https://isc.sans.edu/diary/rss/29692   
Published: 2023 03 30 07:40:48
Received: 2023 03 30 08:14:41
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Views: 0
