6 ways malware can bypass endpoint protection

Sixty-three percent of IT security professionals say the frequency of attacks has gone up over the past 12 months, according to Ponemon’s 2018 State of Endpoint Security Risk report — and 52% of respondents say all attacks cannot be realistically stopped. Their antivirus solutions are blocking only 43% of attacks. Sixty-four percent of respondents said that their organizations had experienced one or more endpoint attacks that resulted in a data breach.

The report, which was based on a survey of 660 IT security professionals, showed that most (70%) said that new and unknown threats to their organizations have increased, while the cost of a successful attack has increased from an average of $5 million to $7.1 million.

However, nearly every computer has some form of protection built in. So why are the attackers still getting through? These are the top methods attackers use to bypass endpoint protection security.

1. Script-based attacks

In a script-based or “fileless” attack, the malware is a script that runs inside an existing, legitimate application and uses PowerShell or other already-installed Windows components. Because no new software is installed, many traditional defenses are bypassed.
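Because nothing new is installed, defenders look at process behavior instead of files. The sketch below is an added example, not code from the article or the Ponemon report: it triages process-creation records for a document application launching a script host and for encoded PowerShell command lines. The watch lists, field names and sample events are assumptions constructed for illustration.

```python
import ntpath

# Assumed watch lists (not from the article): built-in script hosts, and
# applications that normally only open documents or mail.
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
DOCUMENT_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}

def basename(path):
    """Lower-cased executable name from a Windows path (works on any OS)."""
    return ntpath.basename(path).lower()

def has_encoded_command(command_line):
    """True if a switch is -EncodedCommand or one of its abbreviations (-e, -ec, -enc, ...)."""
    for token in command_line.split():
        if token[0] in "-/":
            name = token[1:].lower()
            if name and ("encodedcommand".startswith(name) or name == "ec"):
                return True
    return False

def score_event(event):
    """Return the reasons a process-creation event looks like script-based activity."""
    reasons = []
    child = basename(event["image"])
    parent = basename(event["parent_image"])
    if child in SCRIPT_HOSTS and parent in DOCUMENT_APPS:
        reasons.append(f"{parent} spawned {child}")
    if child in {"powershell.exe", "pwsh.exe"} and has_encoded_command(event["command_line"]):
        reasons.append("encoded PowerShell command line")
    return reasons

def triage(events):
    """Return (index, reasons) for every event with at least one reason."""
    return [(i, r) for i, e in enumerate(events) if (r := score_event(e))]

# Constructed sample events, shaped like process-creation telemetry.
SAMPLE_EVENTS = [
    {"parent_image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe -NoProfile -enc <BASE64-PLACEHOLDER>"},
    {"parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe -ExecutionPolicy RemoteSigned -File C:\\Scripts\\backup.ps1"},
    {"parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "command_line": "WINWORD.EXE report.docx"},
]

if __name__ == "__main__":
    for index, reasons in triage(SAMPLE_EVENTS):
        print(index, "; ".join(reasons))
```

Only the first event is flagged; an administrator running a signed script from Explorer and a user opening a document both pass, which is the baseline such a rule has to preserve to stay usable.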

Read the full article at CSO magazine.