Archive for the ‘PowerShell Security’ Category

Fortinet FortiWeb OS Command Injection allows takeover servers remotely

Filed in Access Control, PowerShell Security, Security Breach, Security patching, Security Tools on Aug.17, 2021

Fortinet addresses a command injection vulnerability that can allow attackers to take complete control of servers running vulnerable FortiWeb WAF installs. An authenticated attacker could execute arbitrary commands as the root user on the underlying system via the SAML server configuration page. Experts pointed out that the flaw could be chained with an authentication bypass flaw that […]

Tags:

Leave a Comment

Magecart gang hides PHP-based web shells in favicons

Filed in PowerShell Security on May.14, 2021

Magecart cybercrime gang is using favicon to hide malicious PHP web shells used to maintain remote access to inject JavaScript skimmers into online stores. Magecart hackers are distributing malicious PHP web shells hidden in website favicon to inject JavaScript e-skimmers into online stores and steal payment information. Researchers from Malwarebytes observed threat actors, likely Magecart Group […]

Tags:

Leave a Comment

Microsoft warns of the rise of web shell attacks

Filed in PowerShell Security, Web Security on Feb.12, 2021

An Introduction to Web Shells

Tags:

Leave a Comment

10 essential PowerShell security scripts for Windows administrators

Filed in PowerShell Security on Jul.05, 2019

PowerShell is a valuable tool for automating Windows administration tasks, including laborious security chores Source: 10 essential PowerShell security scripts for Windows administrators   Defending Against PowerShell Attacks Enter your email address: Delivered by FeedBurner

Tags:

Comments (1)

  • subscribe

  • Advertising

  • Subscribe to our DISC InfoSec blog

    Enter your email address:
    Subscribe in a reader

    DISC InfoSec Titles


  • DISC InfoSec Services

    👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

  • Get a Cyber Aware Cheat Sheet now!

  • “Like” our DISC InfoSec page

    >> DISC InfoSec Facebook Page <<

  • DISC InfoSec Store

    DISC online store for recommended InfoSec products

  • DISC InfoSec Online Services

    DISC InoSec Services
  • Download ISO27k Standards

    vCISO as a service



  • Search DISC InfoSec blog

  • Meta

  • Blogroll

  • Archives

  • Categories

  • Tags

    arra and hitech Business china CISO Cloud computing cloud security Computer security Consultants Credit card data breach data security facebook Financial services fraud Google Hacking Health Insurance Portability and Accountability Act hipaa Identity Theft Information Security Information Security Management System International Organization for Standardization isms ISO/IEC 27001 iso 27001 ISO 27001 2013 ISO 27001 2013 Gap Assessment iso 27002 Log4j Log4shell Malware Microsoft National Institute of Standards and Technology Payment Card Industry Data Security Standard pci dss phishing privacy Risk Assessment Risk management San Francisco Security Security Risk Assessment Spyware United States vCISO

  • For an InfoSec and Compliance question

    Contact us

    Support us
  • Best Sellers Books in Computer Security

    New Releases in Computer Security