I am not currently watching Mastodon - find me on Bluesky at https://bsky.app/profile/joshooaj.com and let’s talk #powershell, #devops, #dotnet, #vscode, or just come say hi!

@tracisewell.com will be on stage for #PSConfEU 2025 in #Malmö (23-26 June)!
Better, Wiser, and Good: Cultivating Empathy and Support in Our Interactions
Tickets available at psconf.eu
#PowerShell #Skåne #Svenska #Sweden #IT #automation
Explore Aquaduct's role in automating deployment tasks in Azure DevOps with Jelle de Graaf. Learn about its functionalities, security considerations, and practical application through a detailed code demonstration. Don't miss out! #PowerShell #PSConfEU
Deploy your code and pipelines...
PSBlitz now includes:
Top plan cache usage by type and top 10 databases in the "Instance Overview" page.
A bulk copy function for stats update commands on the "Stats Info" page.
Improved query store check via modified version of Erik Darling's sp_QuickieStore
#sqlserver #sqldba #powershell #mssql
https://github.com/VladDBA/PSBlitz
DOGE Binary Loader Indicators of Compromise
This intelligence document provides a list of Indicators of Compromise (IoCs) associated with the DOGE Binary Loader. It includes several malicious URLs hosted on the domain 'hilarious-trifle-d9182e.netlify.app' along with their corresponding SHA-256 hashes. The listed files include PowerShell scripts ('lootsubmit.ps1' and 'trackerjacker.ps1'), a PNG image ('qrcode.png'), and an executable ('ktool.exe'). These IoCs are crucial for identifying and mitigating potential infections related to the DOGE Binary Loader malware campaign.
Pulse ID: 6807c697bf4aed9f93dbef55
Pulse Link: https://otx.alienvault.com/pulse/6807c697bf4aed9f93dbef55
Pulse Author: AlienVault
Created: 2025-04-22 16:40:55
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
IT security researchers warn of new attack technique using the clipboard
IT security researchers at Proofpoint have discovered a new attack method in which attackers use social engineering and the clipboard.
Here's a module I use to display a large, customizable clock on my Windows desktop using a WPF-based #PowerShell tool. https://github.com/jdhitsolutions/PSClock
How Lumma Stealer sneaks into organizations
Lumma Stealer, a sophisticated information-stealing malware, has gained prominence in cybercriminal circles since 2022. It employs various distribution methods, with fake CAPTCHA pages being a notable vector. These pages mimic legitimate services and trick users into executing malicious commands. The malware uses complex infection chains involving PowerShell scripts, JavaScript, and AutoIt components to evade detection. Once installed, Lumma Stealer targets a wide range of sensitive data, including cryptocurrency wallets, browser credentials, and financial information. The malware's stealthy execution and anti-analysis techniques make it a significant threat to both individuals and organizations.
Pulse ID: 680680f666b6192de781c7f1
Pulse Link: https://otx.alienvault.com/pulse/680680f666b6192de781c7f1
Pulse Author: AlienVault
Created: 2025-04-21 17:31:34
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
PowerShell 101 by Mike F. Robbins is free with a Leanpub Reader membership! Or you can buy it for $7.99! http://leanpub.com/powershell101 mikefrobbins@fosstodon.org #PowerShell #Devops
Wrote a quick blog post for Windows users: How to create a custom shortcut with PowerToys, to string together unlimited shortcuts.
#windows #windows11 #powertoys #powershell
https://blog.ifconfig.pro/2025/04/16/windows-powertoys-2-in-1-short-cuts/
Two sides of the same coin
This intelligence report analyzes the similarities between two previously separate APT groups, Team46 and TaxOff, concluding they are likely the same entity. The analysis covers their shared tactics, techniques, and procedures, including similar PowerShell commands, loader functionality, and infrastructure patterns. Key findings include the use of zero-day exploits, complex malware development, and long-term persistence strategies. The report details the groups' use of multi-layered encryption in their loaders, custom obfuscation techniques, and various malware tools like Trinper backdoor and Cobalt Strike. The combined group, now referred to as Team46, demonstrates sophisticated capabilities in targeted attacks against protected infrastructures.
Pulse ID: 6802c8019d40fa74671e9c6c
Pulse Link: https://otx.alienvault.com/pulse/6802c8019d40fa74671e9c6c
Pulse Author: AlienVault
Created: 2025-04-18 21:45:37
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
Explore the complexities of #PowerShell and Regex with @guyrleech.bsky.social. Gain hands-on knowledge for parsing log files and handling text data efficiently. #PSConfEU
Working with Data File Formats...
<Optimus Prime Voice>
CALLING ALL CODERS AND SCRIPTERS
You must watch https://youtu.be/YVYxvI3INsM
</Optimus Prime Voice>
If #PowerShell is not your thing, just ignore that part, and you'll still be happy that you watched this.
Get-MgDeviceManagementDeviceCompliancePolicyScheduledActionForRuleScheduledActionConfigurationCount
Behind the PowerShell Pipeline by Jeff Hicks is on sale on Leanpub! Its suggested price is $49.98; get it for $31.49 with this coupon: https://leanpub.com/sh/g1ETtQUL JeffHicks@techhub.social #PowerShell
FYI: There is a new major release of the PnP.PowerShell (#SharePoint administration) #PowerShell module. "Biggest release yet" (!!) More info: https://pnp.github.io/blog/pnp-powershell/pnp-powershell-v3-0-0/
Detailed change log: https://github.com/pnp/powershell/blob/master/CHANGELOG.md
@powers-hell.com will be on stage for #PSConfEU 2025 in #Malmö (23-26 June)!
Argument completers, Dynamic parameters, and more: Building better PowerShell functions
Authentication unpacked: What does MSAL actually do?
Tickets at psconf.eu
#PowerShell #Svenska
I've come to the conclusion that the command line is peak UI. It's fast, and it doesn't freeze as often. I had an issue where I tried to delete a task in the Windows Task Scheduler and every time I would try, the UI froze on me. I piped the below into PowerShell and it was deleted! No lag, no nothing!
Unregister-ScheduledTask -TaskName "RClone Backup Writings"