84 percent of attacks now use legitimate tools
Summary
New research from Bitdefender shows that 84 percent of high-severity attacks use Living off the Land (LOTL) techniques, exploiting legitimate tools used by administrators. One of the findings is that the netsh.exe tool, used for network configuration management, is the most frequently abused tool, appearing in a third of major attacks. Other frequently exploited tools include PowerShell.exe, the command-line shell and scripting language; Reg.exe, a command-line tool that allows administrators to query, change, add, or remove registry entries; and Csc.exe, the Microsoft C# compiler. However, the research detected PowerShell activity on a staggering 73 percent of all endpoints. This stark reality demands a fundamental shift towards security solutions like Bitdefender's PHASR, which moves beyond blunt blocking to discern and neutralize malicious intent within these tools.