Home Applications Cisco: Introducing Exploit Prevention to Stop File-Less Attacks

Cisco: Introducing Exploit Prevention to Stop File-Less Attacks

0
Cisco: Introducing Exploit Prevention to Stop File-Less Attacks
0

In war, any good military strategist will try to exploit their enemy’s weaknesses. Cybercriminals are no different. They try to gain access to your endpoints and your sensitive data by exploiting weaknesses in your system, like a vulnerability in your software or in your operating system processes. Attackers are realizing that traditional file-based attacks that utilize malicious files (malware) are becoming less effective as cybersecurity technology becomes increasingly adept at detecting and blocking malicious files. As a result, attackers are using more “file-less” attack methods, or attacks where no actual malware file is used. They are also commonly referred to as “non-malware” attacks, or even “memory-based” attacks. The recent Equifax and DNC hacks are both high profile examples of file-less attacks.

But what exactly are file-less attacks? In short, they’re ways for an attacker to get a foothold in your system by exploiting vulnerabilities in native applications you use every day. They don’t entice you to download a malicious file which then executes and exfiltrates data. Instead, they exploit a vulnerability in your application to then, in a way, tell it what to do. It’s like planting a seed (injecting malicious code into memory) in an otherwise trusted application, and then that application runs the malicious commands and can open doors to other applications or processes to achieve its objective (steal sensitive data, hold a system ransom, etc).

Here’s a common example of how these work:

Read the entire article here, Introducing Exploit Prevention to Stop File-Less Attacks

Via the fine folks at Cisco Systems.

Categories:
Cisco Cisco is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected.

Featured Resources:

Related Articles:

| LATEST FEATURED RESOURCES

White Papers

    Application Lifecycle Management with Stratusphere UX – White Paper

    Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]

    Downloads

      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        What’s Going on in EUC Printing – A Technical Deep Dive!

        The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]

        Latest Videos

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Win big $$, visit ITBaller.com for more info!

          Visit Our Sponsors

          Close