For years, organizations and IT professionals have turned to Microsofts PowerShell for its efficiency and ease of use. It has become increasingly common for cybercriminals to leverage the tool as a springboard into your organization and beyond. This abuse of legitimate tools like PowerShell is not new, but is on the rise as cyber criminals find new ways to use the tools combined with other tactics and techniques. It is often treated as more secure than running most other scripting languages, and sometimes even treated as a ‘trusted’ application by security software and administrators.”]
Source: https://www.bankinfosecurity.com/whitepapers/threat-insight-powershell-suspicious-scripting-w-8224