A fileless attack (“memory-based” or “living-off-the-land,” for example) is one in which an attacker uses existing software, allowed applications and authorized protocols to carry out malicious activities. More and more attackers are moving away from traditional malware—in fact, 60% of today’s attacks involve fileless techniques. These attacks are capable of gaining control of computers without using traditional executable files as a first level of attack.
With fileless attacks, an attacker is able to infiltrate, take control and carry out objectives by taking advantage of vulnerable software that a typical end user would leverage on a dayto-day basis (think web browsers or Office-suite applications). Attackers will also use the successful exploit to gain access to native operating system tools (like PowerShell and Windows Management Instrumentation – WMI) or other applications that grant the attacker a level of execution freedom. These native tools grant users exceptional access and privileges to carry out the most basic commands across a network that lead to valuable data.
To learn more download this report today.