attack.t1562.004 | Detection.FYI

Abusing PowerShell to Disable Defender Components

Nov 9, 2022 · attack.defense_evasion attack.t1562 attack.t1562.001 attack.t1562.004 ·
Share on:

Looks for instances of powershell being used to disable or impair Windows Defender functionality. Inspired by the 2022 Red Canary Threat Detection report.

Read More
Abusing PowerShell to Modify Defender Components

Nov 9, 2022 · attack.defense_evasion attack.t1562 attack.t1562.001 attack.t1562.004 ·
Share on:

Looks for instances of powershell being used to modify or degrade Windows Defender functionality. Inspired by the 2022 Red Canary Threat Detection report.

Read More