Bill Toulas
Blogs, Articles, and Posts
Hackers use new stealthy PowerShell backdoor to target 60+ victims
(bleepingcomputer.com)
A previously undocumented, fully undetectable PowerShell backdoor is being actively used by a threat actor who has targeted at least 69 entities.
By: Bill Toulas submitted: Oct 21 2022
Microsoft PowerShell Gallery vulnerable to spoofing, supply chain attacks
(bleepingcomputer.com)
Lax policies for package naming on Microsoft's PowerShell Gallery code repository allow threat actors to perform typosquatting attacks, spoof popular packages and potentially lay the ground for massive supply chain attacks.
By: Bill Toulas submitted: Aug 18 2023
Russian hackers use PowerShell USB malware to drop backdoors
(bleepingcomputer.com)
The Russian state-sponsored hacking group Gamaredon (aka Armageddon, or Shuckworm) continues to target critical organizations in Ukraine's military and security intelligence sectors, employing a refreshed toolset and new infection tactics.
By: Bill Toulas submitted: Jun 16 2023
ViperSoftX malware covertly runs PowerShell using AutoIT scripting
(bleepingcomputer.com)
The latest variants of the ViperSoftX info-stealing malware use the common language runtime (CLR) to load and execute PowerShell commands within AutoIt scripts to evade detection. [...]
By: Bill Toulas submitted: Jul 12 2024