Fileless Malware Poses New Threat

There is a new threat appearing on corporate and personal networks called “fileless malware.”  It can sneak by traditional signature recognition endpoint security programs.  It is able to hide and stay resident by using trusted operating system and software application files to run the exploit.

Fileless malware exploits are estimated to comprise almost 30% of new exploits, and that percentage is rising as cyber-crime group move to this newer technology.  Fileless malware exploits are being target at financial institutions and other corporate networks.  Because this new exploit can be coupled with other malware exploits that are delivered remotely from CNC servers, it is expected that this threat will evolve and target individuals too.

Detection can be problematic unless your organization is utilizing some form of unified threat management, such as AlienVault, to review your system logs for anomalies and to keep an eye out for unusual traffic running across your network, or leaving your network for locations on the Internet.

Here are five tips to avoid fileless malware infections, from TechRepublic’s Jesus Vigo:

1. Restrict unnecessary scripting languages

2. Disable macros and digitally sign trusted macros

3. Monitor security appliance logs for unauthorized traffic

4. Implement endpoint security with active monitoring

5. Perform patch management across all devices

More information:

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.