In response to reports that indicate more than half of attacks last year leveraged fileless or “malware-free” techniques, as hackers turn to stolen credentials in their efforts to breach corporate networks, experts from two cybersecurity firms offer perspective.
Full report for more details: https://www.zdnet.
Experts Comments
Organizations should consider isolation solutions that take sensitive apps and systems and put them in a completely separate zone.
Using endpoint security agents or EDR engines can help detect known malicious behavior, but cannot really protect against advanced persistent threats that leverage fileless malware or malware-free techniques, such as using legitimate software and legitimate user actions to do harm. For example: a malicious actor that leverages legitimate video conferencing and remote control software (e.g. Webex/TeamViewer/Zoom) to spy on users and impersonate their actions would not use any malware and...
To do this, we make sure that our tools are downloaded and executed only in the computer’s memory.
Malware-free and fileless attacks are two different concepts I would be hesitant to conflate. Malware-free implies the absence of any sort of malicious code, whereas fileless attacks do employ malicious code, but do so only in computer memory, never writing itself as a file to the local hard drive. I’ve been brought in to more than one breach where the attacker used “malware-free” approaches like password guessing against remote desktop to first gain access to the environment. The...
CrowdStrike's report is both useful and timely.
The places where fileless malware can hide are so numerous, it is nearly pointless to attempt to enumerate them. With every environment as unique, with its own third-party apps, and configurations for each -- we find ourselves in situations where protecting from malicious logic would mean banning persistent registry keys and the loading of DLLs. Both of these options would require a complete rearchitecture of the Windows operating system. Other systems such as Linux and macOS are additionally...