Threat dissection

Anatomy of a PowerShell Attack

PowerShell is a scripting language that is legitimately used for almost any administrative activity available within an Active Directory environment. It is increasingly leveraged by cyberattackers and penetration testers to compromise servers and workstations by “living off the land”; the concept of using legitimate tools (PowerShell) readily available in almost all environments to achieve cyberattacker objectives.

Read the PowerShell Threat Dissection for more information on how this tool is used by cybercriminals and see how eSentire MDR for Endpoint with BlueSteel machine learning can detect and contain PowerShell cyberattacks.

Get The Threat dissection