Tag
The analytic detects PowerShell processes using command-line parameters to bypass the execution policy, often used by attackers to run malicious scripts undetected, leading to potential code execution, data exfiltration, or persistence.