Fileless Attacks

Fileless Attacks inject malicious code into RAM and exploit approved applications on targeted devices to achieve their objectives and thwart detection.

 

With traditional file-based malware, the attacker must write a file to the local drive of the targeted device, an action that modern security controls detect more easily. By contrast, Fileless Attacks inject malicious code only into RAM (hence "fileless") and exploit approved applications on targeted devices. This makes them far more difficult to detect. Fileless Attacks commonly exploit administrative utilities such as Windows PowerShell or Windows Management Instrumentation (WMI).

 
