Any update on this would the AV can penetrate and destroy on or while this is running on a machine.
http://www.computerworld.com.au/article/542449/cybercriminals_use_sophisticated_powershell-based_malware/?utm_medium=newsletter&eid=-6787&utm_source=computerworld-today-pm-edition
Page 1 / 1
I believe we do protect against this attack vector, but I'll double check with our threat team to be sure.
We do have the ability to add detection for this type of malware as needed. However, this is not very widespread and we are not currently detecting many variants of it as they are non-PE. Fortunately, most malware using this technique will attempt to download additional executable components, which will be detected and removed by WSA in most cases.
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.