{"id":990589,"date":"2025-10-12T10:33:52","date_gmt":"2025-10-12T07:33:52","guid":{"rendered":"https:\/\/gpss.ro\/security-guide\/cartea-alba-de-securitate-2019-001-powershell-perspectiva-cibersecuritatii-vineri-19-iulie-2019-033100-pm-cest-8\/"},"modified":"2025-10-12T12:59:13","modified_gmt":"2025-10-12T09:59:13","slug":"cartea-alba-de-securitate-2019-001-powershell-perspectiva-cibersecuritatii-vineri-19-iulie-2019-033100-pm-cest-8","status":"publish","type":"security_advisory","link":"https:\/\/delve.ro\/ro\/security-guide\/cartea-alba-de-securitate-2019-001-powershell-perspectiva-cibersecuritatii-vineri-19-iulie-2019-033100-pm-cest-8\/","title":{"rendered":"Security White Paper 2019-001 &#8211; PowerShell &#8212; Cybersecurity Perspective\n                            \n                            Friday, July 19, 2019 03:31:00 PM CEST\n                            In the last years we have seen an increasing use of PowerShell for malicious purposes. This was mainly caused by its powerfulness and lack of means to counter this kind of usage. On the other hand PowerShell also evolved, providing currently also more means for defenders. The aim of this document is to present PowerShell from a cybersecurity perspective. Described are also controls that can be implemented in the prevention and detection of cyberattacks using PowerShell."},"content":{"rendered":"<div class=\"gpss-language-switcher\" style=\"margin-bottom: 20px; padding: 15px; background: #f0f9ff; border-left: 4px solid #3b82f6; border-radius: 8px;\">\n            <div style=\"display: flex; align-items: center; justify-content: space-between; flex-wrap: wrap; gap: 10px;\">\n                <div style=\"display: flex; align-items: center; gap: 10px;\">\n                    <span style=\"font-weight: 600; color: #1e40af;\">\ud83c\udf0d Limb\u0103 \/ Language:<\/span>\n                    <button onclick=\"switchLanguage('en')\" id=\"btn-lang-en\" class=\"lang-btn lang-btn-active\" style=\"padding: 8px 16px; background: #3b82f6; color: white; border: none; border-radius: 6px; cursor: pointer; font-weight: 600; transition: all 0.3s;\">\n                        \ud83c\uddec\ud83c\udde7 English (Original)\n                    <\/button>\n                    <button onclick=\"switchLanguage('ro')\" id=\"btn-lang-ro\" class=\"lang-btn\" style=\"padding: 8px 16px; background: #e5e7eb; color: #374151; border: none; border-radius: 6px; cursor: pointer; font-weight: 600; transition: all 0.3s;\">\n                        \ud83c\uddf7\ud83c\uddf4 Rom\u00e2n\u0103\n                    <\/button>\n                <\/div>\n                <small style=\"color: #6b7280; font-style: italic;\">Traducere automat\u0103 \/ Automatic translation<\/small>\n            <\/div>\n        <\/div>\n\n        <div id=\"content-en\" class=\"lang-content\" style=\"display: block;\">\n            <div class=\"article-content\">CERT-EU security guidance: Security White Paper 2019-001 - PowerShell -- Cybersecurity Perspective\n                            \n                            Friday, July 19, 2019 03:31:00 PM CEST\n                            In the last years we have seen an increasing use of PowerShell for malicious purposes. This was mainly caused by its powerfulness and lack of means to counter this kind of usage. On the other hand PowerShell also evolved, providing currently also more means for defenders. The aim of this document is to present PowerShell from a cybersecurity perspective. Described are also controls that can be implemented in the prevention and detection of cyberattacks using PowerShell.<\/div>\n        <\/div>\n\n        <div id=\"content-ro\" class=\"lang-content\" style=\"display: none;\">\n            <div class=\"article-content\"><?xml encoding=\"UTF-8\"><p>Ghid de securitate Cert-UE: Securitate Alb&#259; 2019-001-PowerShell-Perspectiva cibersecurit&#259;&#539;ii\n                            \n                            Vineri, 19 iulie 2019 03:31:00 PM CEST\n                            &Icirc;n ultimii ani am observat o utilizare din ce &icirc;n ce mai mare a PowerShell &icirc;n scopuri r&#259;u inten&#539;ionate. Acest lucru a fost cauzat &icirc;n principal de puterea &#537;i lipsa mijloacelor de a contracara acest tip de utilizare. Pe de alt&#259; parte, PowerShell a evoluat &#537;i el, oferind &icirc;n prezent &#537;i mai multe mijloace pentru ap&#259;r&#259;tori. Scopul acestui document este de a prezenta PowerShell dintr -o perspectiv&#259; cibernetic&#259;. Descrise sunt, de asemenea, controale care pot fi implementate &icirc;n prevenirea &#537;i detectarea cyberattacks folosind PowerShell.<\/p><\/div>\n        <\/div>\n\n        <script>\n        function switchLanguage(lang) {\n            \/\/ Ascunde ambele versiuni\n            document.getElementById(\"content-ro\").style.display = \"none\";\n            document.getElementById(\"content-en\").style.display = \"none\";\n\n            \/\/ Reseteaz\u0103 stilurile butoanelor\n            document.querySelectorAll(\".lang-btn\").forEach(function(btn) {\n                btn.style.background = \"#e5e7eb\";\n                btn.style.color = \"#374151\";\n                btn.classList.remove(\"lang-btn-active\");\n            });\n\n            \/\/ Afi\u0219eaz\u0103 versiunea selectat\u0103\n            if (lang === \"ro\") {\n                document.getElementById(\"content-ro\").style.display = \"block\";\n                document.getElementById(\"btn-lang-ro\").style.background = \"#3b82f6\";\n                document.getElementById(\"btn-lang-ro\").style.color = \"white\";\n                document.getElementById(\"btn-lang-ro\").classList.add(\"lang-btn-active\");\n            } else {\n                document.getElementById(\"content-en\").style.display = \"block\";\n                document.getElementById(\"btn-lang-en\").style.background = \"#3b82f6\";\n                document.getElementById(\"btn-lang-en\").style.color = \"white\";\n                document.getElementById(\"btn-lang-en\").classList.add(\"lang-btn-active\");\n            }\n\n            \/\/ Salveaz\u0103 preferin\u021ba \u00een localStorage\n            localStorage.setItem(\"gpss_preferred_language\", lang);\n        }\n\n        \/\/ Restaureaz\u0103 preferin\u021ba utilizatorului la \u00eenc\u0103rcare\n        document.addEventListener(\"DOMContentLoaded\", function() {\n            var preferredLang = localStorage.getItem(\"gpss_preferred_language\") || \"ro\";\n            switchLanguage(preferredLang);\n        });\n\n        \/\/ Hover effects pentru butoane\n        document.querySelectorAll(\".lang-btn\").forEach(function(btn) {\n            btn.addEventListener(\"mouseenter\", function() {\n                if (!this.classList.contains(\"lang-btn-active\")) {\n                    this.style.background = \"#bfdbfe\";\n                    this.style.color = \"#1e40af\";\n                }\n            });\n            btn.addEventListener(\"mouseleave\", function() {\n                if (!this.classList.contains(\"lang-btn-active\")) {\n                    this.style.background = \"#e5e7eb\";\n                    this.style.color = \"#374151\";\n                }\n            });\n        });\n        <\/script>\n\n        <style>\n        .lang-btn:hover {\n            transform: translateY(-2px);\n            box-shadow: 0 4px 12px rgba(59, 130, 246, 0.3);\n        }\n        .lang-btn-active {\n            box-shadow: 0 4px 12px rgba(59, 130, 246, 0.4);\n        }\n        <\/style>","protected":false},"excerpt":{"rendered":"<p>\ud83c\udf0d Limb\u0103 \/ Language: \ud83c\uddec\ud83c\udde7 English (Original) \ud83c\uddf7\ud83c\uddf4 Rom\u00e2n\u0103 Traducere automat\u0103 \/ Automatic translation CERT-EU security guidance: Security White Paper 2019-001 &#8211; PowerShell &#8212; Cybersecurity Perspective Friday, July 19, 2019 03:31:00 PM CEST In the last years we have seen an increasing use of PowerShell for malicious purposes. This was mainly caused by its powerfulness [&hellip;]<\/p>\n","protected":false},"featured_media":0,"template":"","meta":[],"advisory_audience":[191],"advisory_topic":[],"advisory_source":[181],"advisory_severity":[184],"advisory_region":[176],"news_source":[],"class_list":["post-990589","security_advisory","type-security_advisory","status-publish","hentry","advisory_audience-technical","advisory_source-cert-eu","advisory_severity-medium","advisory_region-international"],"_links":{"self":[{"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/security_advisory\/990589","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/security_advisory"}],"about":[{"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/types\/security_advisory"}],"version-history":[{"count":1,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/security_advisory\/990589\/revisions"}],"predecessor-version":[{"id":990988,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/security_advisory\/990589\/revisions\/990988"}],"wp:attachment":[{"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/media?parent=990589"}],"wp:term":[{"taxonomy":"advisory_audience","embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/advisory_audience?post=990589"},{"taxonomy":"advisory_topic","embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/advisory_topic?post=990589"},{"taxonomy":"advisory_source","embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/advisory_source?post=990589"},{"taxonomy":"advisory_severity","embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/advisory_severity?post=990589"},{"taxonomy":"advisory_region","embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/advisory_region?post=990589"},{"taxonomy":"news_source","embeddable":true,"href":"https:\/\/delve.ro\/ro\/wp-json\/wp\/v2\/news_source?post=990589"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}