One way to get around PowerShell parsing issues is to encode a command to a Base64 string. An attacker can also use this to obscure what they are really doing. This may be normal, and it may be malicious. See https://blog.netspi.com/15-ways-to-bypass-the-powershell-execution-policy/ and https://nathangau.wordpress.com/2018/09/07/security-monitoring-additional-powershell-detections/ for details.
Security Monitoring: PowerShell used to Invoke an Encoded Command
One way to get around PowerShell parsing issues is to encode a command to a Base64 string. An attacker can also use this to obscure what they are really doing. This may be normal, and it may be malicious. See https://blog.netspi.com/15-ways-to-bypass-the-powershell-execution-policy/ and https://nathangau.wordpress.com/2018/09/07/security-monitoring-additional-powershell-detections/ for details.
Logging Computer: {0}