GGPowerShell / Windows PowerShell Remote Command Execution Exploit

This python script mints a .ps file with an exploitable semicolon condition that allows for command execution from Microsoft Windows PowerShell. from base64 import b64encode from base64 import b64decode from socket import import argparse,sys,socket,struct,re GGPowerShell Microsoft Windows...

Locky Ransomware Distributed Via DOCM Attachments in Latest Email Campaigns

Throughout August, FireEye Labs has observed a few massive email campaigns distributing Locky ransomware. The campaigns have affected various industries, with the healthcare industry being hit the hardest based on our telemetry, as seen in Figure 1. Figure 1. Top 10 affected industries Numerous...