Security

How to Whitelist chocolatey installer under Powershell_DownloadString?

Xolo123
New Member

There are a lot of security alerts for "Powershell DownloadString" for Chocolatey installer. Is there a way to whitelist that alert keeping in mind that there was a recent attack - "Serpent Backdoor Slithers into Orgs Using Chocolatey Installer". 

Ref links:

https://threatpost.com/serpent-backdoor-chocolatey-installer/179027/

https://www.bleepingcomputer.com/news/security/serpent-malware-campaign-abuses-chocolatey-windows-pa... 

Labels (3)
0 Karma
Get Updates on the Splunk Community!

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...

Reminder! Splunk Love Promo: $25 Visa Gift Card for Your Honest SOAR Review With ...

We recently launched our first Splunk Love Special, and it's gone phenomenally well, so we're doing it again, ...