Here is some research by Tomer Bar, Director of Security Research at SafeBreach on how they detected some backdoor malware, which was originally designated fully undetectable (FUD) powershell backdoor, but obviously now it is detected. It all starts with a malicious Microsoft Word document, that includes a macro that starts …