"Memory-Based Malware Uses PowerShell Scripts, Pentest Tools to Evade Detection"

Researchers at Kaspersky Lab have discovered a memory-based malware that bypasses detection via PowerShell scripts ran within the Windows registry and penetration testing tools. As of right now, this malware has attacked 140 organizations within 40 different countries. This article discusses how this malware was discovered as well as how it performs attacks. 

https://www.tripwire.com/state-of-security/latest-security-news/memory-based-malware-uses-powershell-scripts-pentest-tools-evade-detection/