For years, the traditional approach to cybersecurity has been to block malware and stop the attack, but threat actors are now evolving their tactics to exploit what’s already inside your environment.
Attackers are moving away from using malware and instead opting to abuse trusted tools, native binaries, and legitimate admin utilities to move laterally, escalate privileges, and persist without raising alarms.
This shift in tactics means that most cybersecurity teams are caught off guard, as they are not expecting attacks to come from trusted sources within their own environment.
The use of trusted tools by attackers is a clever tactic, as it allows them to blend in with normal network activity and avoid detection.
As a result, it’s essential for cybersecurity teams to be aware of this new threat landscape and take steps to protect themselves from these types of attacks.
Source: Original Article
