Hello,
Recently we have seen fileless malware come up on some endpoints. PowerShell is launching a script that loads a text file, that spawns a remote connection back to an attacker.
I understand the Evasion Shield is supposed to detect this. Is there a way we can block PowerShell scripts with Webroot, or even better, where we can be alerted if a PowerShell script launches, or can we block it, etc?
Thank you