
Fileless Malware Evades Detection-Based Security

21 likes

Submitted 5 months ago by Joker@sh.itjust.works to cybersecurity@infosec.pub

https://blog.morphisec.com/fileless-malware-attacks


Comments

  • scytale@lemm.ee 5 months ago

    Is this like prions for software?

    • henfredemars@infosec.pub 5 months ago

      Adept comparison! They are both difficult to destroy, and caused by misfolded or misappropriated software without actually putting new files or executables on the system. They are part of the system itself, integrated tightly into the existing software in memory.

  • henfredemars@infosec.pub 5 months ago

    This is a hard problem because fundamentally I understand that fileless malware is when an application is attacked and it causes unintended behavior. But how do we define unintended? How is a piece of software supposed to figure out that another is doing something it’s not designed to do? Heuristically, and that means things will fall through the cracks. There’ll always be problems when the attacker straddles the line between normal behavior of the application and doing malicious activity.

    • catloaf@lemm.ee 5 months ago

      And that’s why you should practice defense in depth, for example, by ensuring users do not have excessive privileges, or access to files they don’t need.

  • M33@lemmy.sdf.org 5 months ago

    Fileless malware is my favorite. Users even turn back on you when you can’t even show them a malicious file that caused an alert, a wreckage, or just a few hours disrupting their favorite Excel brain-dead sheet.

  • Hiro8811@lemmy.world 5 months ago

    Cyberpunk dystopia is coming to town baby
