yet another it blog

Lemon Duck Kill chain

Block malware with Windows Firewall and Group Policies


A lot of malware uses common tools built into Windows for downloading payloads from remote servers. (Image Copyright Sophos Labs) Many of Antivirus and intrusion detection systems can block these kind of activities but similar protection can be done for no additional costs with Group Policy & Windows Firewall. Blocking PowerShell and other tools from …