https://www.exabeam.com/ueba/fileless-malware-behavioral-analytics-machine-learning/
blog article
THE NEW BREED OF “FILELESS MALWARE” AND HOW IT CAN BE STOPPED WITH BEHAVIORAL ANALYTICS AND MACHINE LEARNING
A new genus of malware has emerged that breaks the rules of traditional detection and defense methods. Unlike other breeds of malware that require the installation of software on a victim’s machine, fileless malware infects a host computer’s dynamic memory, or RAM. Fileless malware attacks can also hijack Windows, essentially turning the power of the OS against its own users by using common tools like PowerShell (which is integrated into Windows 8) for their malicious activities.

What are the steps of a fileless malware attack?

Beginning with a phishing email, a visit to a malicious website, or the use of an infected USB flash memory stick, fileless malware scans the machine looking for vulnerabilities—whether it’s unpatched Flash or a Java plug-in, or almost any process that involves PowerShell. Malicious websites may also download Flash or Java onto a user’s machine. The payload then begins executing the attack by using the dynamic memory of the user’s computer, for example by leveraging browser processes. (See Figure 1 for more information on the steps of an attack.)