Microsoft has been working on an answer to some clever new techniques used in penetration-testing kits to bypass Windows Defender Advanced Threat Protection (ATP), its key security platform for protecting Windows 10 in the enterprise.
Microsoft reports that it has detected two instances of fileless malware used to deliver information stealers that run in memory without an executable file being written to disk.
Fileless malware is on the rise, thanks to freely available tools that can be used to improve defenses or launch an attack.
