PowerShell Engineer Update for 3/10
Latest Videos
The PowerShell Hunter: Andrew sits down with Michael Haag, Principal Threat Research Engineer at Splunk.
Summarizing YouTube Transcripts with AI: Doug demonstrates how to use his PowerShell AI module to summarize YouTube transcripts.
Security Updates
New Phishing Uses PowerShell to Deploy C2 Malware: A “ClickFix” phishing campaign is tricking users into running malicious PowerShell copied to their clipboard, which in turn installs the Havoc post-exploitation C2 framework on their system.
The attack disguises itself as a fake OneDrive error and prompts the user to “fix” it by pasting a provided PowerShell command. Once executed, the script fetches and injects the Havoc malware, giving attackers remote control over the machine.
This sophisticated social-engineering tactic abuses Microsoft SharePoint and the Graph API as part of its delivery, so admins should educate users and tighten execution policies.
Reference: bleepingcomputer.com
Automation Techniques
Querying Product Lifecycles via API: A new community blog post by Harm Veenstra shows how to retrieve software End-of-Life information using PowerShell (post: "Retrieve End of Life information using PowerShell" on the PowerShell is fun :) blog). By tapping into the public endoflife.date API (which aggregates support lifecycle data for hundreds of products), a PowerShell script can quickly fetch and display support status for chosen products. The script uses Invoke-RestMethod to query the API and even outputs results to an Excel file or interactive grid, making it easier for IT pros to check if products are still supported.
Managing REST APIs with Reusable Functions: PowerShell MVP Bas Wijdenes published a guide on building generic PowerShell functions to work with REST APIs (How to manage most Rest APIs with just a few PowerShell functions | Bas Wijdenes). Rather than writing separate cmdlets for every cloud service or endpoint, Bas demonstrates how to create a flexible set of functions (for GET, POST, PATCH, DELETE, etc.) that can call any REST API by adjusting parameters. This approach gives scripters more control over API calls and avoids one-off modules tied to specific services. The blog walks through designing these functions and packaging them (optionally as a module), empowering admins to interact with many web services using a consistent PowerShell pattern.
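As an added illustration of the endoflife.date item above (not code from Harm Veenstra's post), the sketch below classifies release cycles by support status and handles the case where the `eol` field is a boolean rather than a date. The `Get-EolStatus` helper, the sample JSON, the product name, the reference date and the 180-day warning window are all constructed for this example; the response shape (`cycle`, `eol`, `latest`) is an assumption about the API.

```powershell
# Constructed sample shaped like a response from https://endoflife.date/api/<product>.json
# (assumption: each cycle carries 'cycle', 'latest' and 'eol'; 'eol' is a date string or a boolean).
$sampleJson = @'
[
  { "cycle": "3.0", "releaseDate": "2024-05-01", "eol": false,        "latest": "3.0.4"  },
  { "cycle": "2.0", "releaseDate": "2022-05-01", "eol": "2025-06-30", "latest": "2.0.9"  },
  { "cycle": "1.0", "releaseDate": "2020-05-01", "eol": "2023-06-30", "latest": "1.0.12" },
  { "cycle": "0.9", "releaseDate": "2019-01-01", "eol": true,         "latest": "0.9.7"  }
]
'@

function Get-EolStatus {
    # Hypothetical helper: labels each cycle Supported, EndingSoon or EndOfLife.
    param(
        [Parameter(Mandatory)] [string]   $Product,
        [Parameter(Mandatory)] [object[]] $Cycles,
        [datetime] $AsOf     = (Get-Date),
        [int]      $WarnDays = 180
    )
    foreach ($c in $Cycles) {
        if ($c.eol -is [bool]) {
            # Boolean form: $true = already end of life, $false = no end date announced
            $eolDate = $null
            $status  = if ($c.eol) { 'EndOfLife' } else { 'Supported' }
        }
        else {
            # Date form: a string, or a DateTime if the JSON parser already converted it
            $eolDate = $c.eol
            if ($eolDate -isnot [datetime]) { $eolDate = [datetime]::Parse([string]$eolDate, [cultureinfo]::InvariantCulture) }
            if     ($eolDate -le $AsOf)                    { $status = 'EndOfLife' }
            elseif ($eolDate -le $AsOf.AddDays($WarnDays)) { $status = 'EndingSoon' }
            else                                           { $status = 'Supported' }
        }
        [pscustomobject]@{
            Product = $Product; Cycle = $c.cycle; Latest = $c.latest
            EolDate = $eolDate; Status = $status
        }
    }
}

$cycles = $sampleJson | ConvertFrom-Json
# Live data instead of the sample: $cycles = Invoke-RestMethod -Uri 'https://endoflife.date/api/<product>.json'
Get-EolStatus -Product 'example-product' -Cycles $cycles -AsOf ([datetime]'2025-03-10') |
    Where-Object Status -ne 'Supported' | Format-Table -AutoSize
```

Running the function across an inventory's product list and exporting only the `EndOfLife` and `EndingSoon` rows gives a patch-planning view of software that no longer receives security fixes.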