Remote Code Execution

Cyber Threat Analyst

A Cyber threat analyst is an information security professional who leverages skills and expertise of network engineering to mitigate and avoid cyberattacks on the organization or its employees.

Tracking, Detecting, and Thwarting PowerShell-based Malware and Attacks

Powershell - Is a command-line program that helps you automate tasks and manage your computer by executing commands. It's a versatile tool that can be used to perform a wide range of operations, making it a valuable resource for computer users.

MITRE ATT&CK

The MITRE ATT&CK framework has been an invaluable tool for cybersecurity researchers analyzing and classifying cyberattacks. Through the extensive amount of data and research available, the framework serves as a verification measure to evaluate techniques employed by adversarial groups, as well as track groups’ documented developments

Questions

• You just got a new job as a Cyber Threat Analyst, how would you explain your role to a family member?

A Cyber Threat Analyst keeps organizations secure by finding and understanding online threats, responding to incidents, and helping improve overall cybersecurity.

• Explain what makes PowerShell such an effective attack vector.

PowerShell is an ideal channel for delivering attacks, such as, virus-infected files and malicious trojans because of its wide deployment and access to all parts of a host via the .NET framework. Additionally, it is easy to develop scripts applicable for payload delivery, and because PowerShell is a trusted application, it will almost always be allowed to execute scripts with impunity.

• What are two things you can do to mitigate attacks that leverage PowerShell?

Implement PowerShell Execution Policies; Regularly Update PowerShell.