For many crooks, malware is out and PowerShell attacks are in, IBM says
Digital thieves are ditching traditional forms of cybercrime in favor of more subtle techniques that apparently help them avoid detection, IBM says. Scammers are moving away from the use of malicious software, opting instead to exploit administrative tools to target business and organizations, according to a report published Tuesday by the company’s X-Force Threat Intelligence team. Nation-state hacking groups appear to have started the trend, but it seems to have spread throughout the broader cybercriminal black market. FireEye said in 2017 it detected a suspected Iranian group using similar techniques to collect reconnaissance about global critical infrastructure companies. IBM’s report says such tactics are everywhere now. Fifty-seven percent of the attacks IBM detected used common, otherwise benign applications like PsExec or PowerShell, a tool that can execute code from memory. Just 29 percent used more traditional phishing attacks. IBM says. This tactic enables hackers to evade antivirus protection and other common security controls. “PowerShell is useful in data […]
The post For many crooks, malware is out and PowerShell attacks are in, IBM says appeared first on CyberScoop.
Continue reading For many crooks, malware is out and PowerShell attacks are in, IBM says