MALWARE USES BUILT-IN WINDOWS APPLICATIONS TO CARRY OUT A FILELESS ATTACK
New malware being increasingly used to harvest data from PCs using “fileless” attacks. Fileless means the initial attack is typically from a malicious email, using the inbuilt windows tools such as command line, powershell or vbscript the attack will launch and infect the pc by downloading additional payload.
This type of attack is not widely detected by current AntiVirus systems, Sonicwalls Capture Labs - sandboxing technology detects and prevents this in realtime.
Please see Sonicwall security blog