New tool blocks imposter attacks disguised as safe commands

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...
CSOonline

How to log and monitor PowerShell activity for suspicious scripts and commands

Attackers are increasingly abusing sanctioned tools to subvert automated defenses. Tracking your Windows fleet’s PowerShell use — especially consultant workstations — can provide early indications of ...