The most advanced cyberattackers try to look like your administrators, abusing legitimate credentials, using legitimate system binaries or tools that are natively utilized in the victim’s environment. These “living-off-the-land’ (LotL) cyberattacks continue to cause headaches for security teams, which often have no effective means of differentiating between malicious behavior and legitimate administrative behavior.
Read full article on Dark Reading: Cloud