In „Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust,“ we made a straightforward point: the most dangerous activity inside most organizations no longer resembles a traditional attack. Tundub, et see on halduslik. Modern adversaries favor the very same trusted tools — PowerShell, WMIC, netsh, Certutil, and MSBuild — that IT teams rely on daily. Bitdefender’s examination of 2,100,230 high-severity incidents revealed legitimate-tool abuse in 23% of cases. The most common response we received was a fair one: We know. So, what should we actually do about it? That’s precisely the question Bitdefender’s free Internal Attack Surface Assessment is designed to answer. It’s a low-effort, 503-day engagement offered to organizations with 250+ employees. It transforms the vague challenge of „living off the land“ into a clear, prioritized inventory of users, endpoints, and tools that can be safely removed from attackers‘ reach—without disrupting business operations.
Why This, Why Now. A fresh Windows 10 installation includes 2250 distinct LOLBins distributed among 987 separate executables.
The Hacker News