• About Us
  • Contact Us
  • Cookie policy (EU)
  • Home
  • Privacy Policy
  • Video
  • Write for us
Today Headline
  • HOME
  • NEWS
    • POLITICS
    • News for today
    • Borisov news
  • FINANCE
    • Business
    • Insurance
  • Video
  • TECHNOLOGY
  • ENTERPRISE
  • LIFESTYLE
    • TRAVEL
    • HEALTH
    • ENTERTAINMENT
  • AUTOMOTIVE
  • SPORTS
  • Travel and Tourism
  • HOME
  • NEWS
    • POLITICS
    • News for today
    • Borisov news
  • FINANCE
    • Business
    • Insurance
  • Video
  • TECHNOLOGY
  • ENTERPRISE
  • LIFESTYLE
    • TRAVEL
    • HEALTH
    • ENTERTAINMENT
  • AUTOMOTIVE
  • SPORTS
  • Travel and Tourism
No Result
View All Result
TodayHeadline
No Result
View All Result

NSA warns against silly mistake in the fight against Windows malware

June 23, 2022
in Entertainment
0
0
SHARES
4
VIEWS
Share on FacebookShare on Twitter



Task automation platform PowerShell, which is often abused by threat actors distributing malware (opens in new tab), can also be used for attack detection and prevention. This is the advice the US National Security Agency (NSA) recently gave to system administrators everywhere. 

Alongside cybersecurity centers in the UK and New Zealand, the NSA published a security advisory in which it argues that blocking PowerShell, a common security practice, actually lowers organizations’ defensive capabilities against ransomware (opens in new tab) and other forms of cyberattacks.

Instead, system admins should use it to boost their forensics and incident response, as well as to automate as many repetitive tasks as possible.

Numerous recommendations

“Blocking PowerShell hinders defensive capabilities that current versions of PowerShell can provide, and prevents components of the Windows operating system from running properly. Recent versions of PowerShell with improved capabilities and options can assist defenders in countering abuse of PowerShell,” the NSA stated.

The advisory comes with a number of recommendations, including leveraging PowerShell remoting, or using Secure Shell protocol (SSH) to improve the security of public-key authentication.

“Proper configuration of WDAC or AppLocker on Windows 10+ helps to prevent a malicious actor from gaining full control over a PowerShell session and the host,” the document explained.

System admins can also hunt for signs of abuse on their endpoints (opens in new tab) by recording PowerShell activity and monitoring logs. 

The advisory also recommends admins turn on features such as Deep Script Block Logging, Module Logging, or Over-The-Shoulder Transcription, as the former create a log database, handy for spotting aggressive PowerShell activity. 

The latter allows admins to record every PowerShell input and output, getting a better understanding of the attackers’ goals. 

“PowerShell is essential to secure the Windows operating system,” the NSA concluded, adding that, with proper configuration and management, it can be a great tool for system maintenance and security.

Via BleepingComputer (opens in new tab)

Previous Post

Family of drunk grandad who died after fall from stairs in Wetherspoons on stag do sue pub chain for £150,000

Next Post

Vivaldi now offers a built-in Mail client that’s pretty fabulous

Related Posts

Horizon Forbidden West Patch 1.17 Adds 120Hz, Variable Refresh Rate Support And New “Balanced” Graphics Mode
Entertainment

Horizon Forbidden West Patch 1.17 Adds 120Hz, Variable Refresh Rate Support And New “Balanced” Graphics Mode

Horizon Forbidden West’s latest patch...

Read more
Love Island's Laura Whitmore shows off pink hair as she teases Casa Amor recoupling
Entertainment

Love Island's Laura Whitmore shows off pink hair as she teases Casa Amor recoupling

Laura Whitmore treated Love Island...

Read more
‘RHOBH’ Star Stormed Out of Kyle Richards’ House After ‘Big Fight’
Entertainment

‘RHOBH’ Star Stormed Out of Kyle Richards’ House After ‘Big Fight’

"Real Housewives of Beverly Hills"...

Read more
The cryptocrash isn’t just saving PC gamers – it’s saving the planet
Entertainment

The cryptocrash isn’t just saving PC gamers – it’s saving the planet

The current cryptocurrency crash has...

Read more
‘Fire of Love’ review: Science, volcanoes and romance erupt
Entertainment

‘Fire of Love’ review: Science, volcanoes and romance erupt

The visually entrancing volcano documentary...

Read more
Load More
Next Post

Vivaldi now offers a built-in Mail client that's pretty fabulous

  • Trending
  • Comments
  • Latest
Flight Attendant Escorts Abandoned Senior Dog Cross-Country To His New Forever Family

Flight Attendant Escorts Abandoned Senior Dog Cross-Country To His New Forever Family

How old is Simon Cowell’s son Eric and who is his mother?

How old is Simon Cowell’s son Eric and who is his mother?

Six times actors really romped in sex scenes that make 365 DNI look tame

Six times actors really romped in sex scenes that make 365 DNI look tame

Ex-porn star Lana Rhoades flaunts 2.5st weight loss two weeks after giving birth

Ex-porn star Lana Rhoades flaunts 2.5st weight loss two weeks after giving birth

BlackBerry Between Harsh Reality And Mirages (NYSE:BB)

BlackBerry Between Harsh Reality And Mirages (NYSE:BB)

Citi Open adds Andy Murray, Simona Halep to field

Citi Open adds Andy Murray, Simona Halep to field

Michael Gove Sacked By Boris Johnson As He Vows To Fight On

Michael Gove Sacked By Boris Johnson As He Vows To Fight On

Mimicking the function of Ruffini receptors using a bio-inspired artificial skin

Mimicking the function of Ruffini receptors using a bio-inspired artificial skin

About Us

Todayheadline the independent news and topics discovery
A home-grown and independent news and topic aggregation . displays breaking news linking to news websites all around the world.

Follow Us

Latest News

BlackBerry Between Harsh Reality And Mirages (NYSE:BB)

BlackBerry Between Harsh Reality And Mirages (NYSE:BB)

Citi Open adds Andy Murray, Simona Halep to field

Citi Open adds Andy Murray, Simona Halep to field

BlackBerry Between Harsh Reality And Mirages (NYSE:BB)

BlackBerry Between Harsh Reality And Mirages (NYSE:BB)

Citi Open adds Andy Murray, Simona Halep to field

Citi Open adds Andy Murray, Simona Halep to field

Michael Gove Sacked By Boris Johnson As He Vows To Fight On

Michael Gove Sacked By Boris Johnson As He Vows To Fight On

  • Real Estate
  • Education
  • Parenting
  • Cooking
  • NFL Games On TV Today
  • Travel and Tourism
  • Home & Garden
  • Pets
  • Privacy & Policy
  • Contact
  • About

© 2021 All rights are reserved Todayheadline

No Result
View All Result
  • Real Estate
  • Education
  • Parenting
  • Cooking
  • NFL Games On TV Today
  • Travel and Tourism
  • Home & Garden
  • Pets
  • Privacy & Policy
  • Contact
  • About

© 2021 All rights are reserved Todayheadline

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Posting....