Cybercrime Trends: Cryptojacking, Fileless AttacksCarbon Black's Rick McElroy Describes Latest Attacks and Threat Hunting Tactics
Attackers continue to shift their tactics to help evade improvements in defenses, says Rick McElroy of Carbon Black.
"Traditionally, a lot of endpoint attacks were malware-based," for example to infect systems with ransomware, he says. "Now, what attackers have started to do is, they know that there's better detection down there, and better prevention for that. So they're starting to do things like memory injections and invoking things like PowerShell, or invoking WMI [Windows Management Instrumentation]. So they continue to evolve and to evade traditional technology that's out there."
In a video interview at the recent Infosecurity Europe conference in London, McElroy discusses:
- Malware: Executable versus fileless attacks;
- Attackers' shift from using PowerShell to WMI;
- How ransomware is giving way to cryptojacking.
McElroy, security strategist for Carbon Black, has more than 15 years of information security experience educating and advising organizations on reducing their risk posture and tackling tough security challenges. He has held security positions with the U.S. Department of Defense and in several industries, including retail, insurance, entertainment, cloud computing and higher education.