Security News > 2022 > June > Don't ditch PowerShell to improve security, say infosec agencies from UK, US, and NZ
Windows PowerShell is enormously useful, extremely prevalent, and often targeted by crooks because it offers an express route into the heart of Windows servers and networks.
Instead, the agencies recommend securing PowerShell prudently.
"PowerShell is essential to secure the Windows operating system," the agencies argue.
"Removing or improperly restricting PowerShell would prevent administrators and defenders from utilizing PowerShell to assist with system maintenance, forensics, automation, and security."
The document's first recommendation is ensuring use of PowerShell 7.2, because it improves on the previous version 5.x that shipped with some editions of Windows 10.
Enabling Deep Script Block Logging, Module Logging, and Over-the-Shoulder - three useful logging tools that can help to detect abuses of PowerShell.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/06/23/keep_poewrshell_security_advice/
Related news
- UK 'extremely dependent' on US for space security (source)
- Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz (source)
- Hertz data breach: Customers in US, EU, UK, Australia and Canada affected (source)
- The UK’s phone theft crisis is a wake-up call for digital security (source)
- Infosec pros tell Trump to quit bullying Chris Krebs – it's undermining security (source)
- UK shares security tips after major retail cyberattacks (source)
- UK Ministry of Defence is spending less with US biz, and more with Europeans (source)
- As US vuln-tracking falters, EU enters with its own security bug database (source)
- Hackers behind UK retail attacks now targeting US companies (source)
- Cyber fiends battering UK retailers now turn to US stores (source)