As LotL Attacks Evolve, So Must Defenses

Living-off-the-land (LotL) phishing attacks have become more sophisticated, posing challenges for businesses and end users to detect them. These attacks arise from malware that hides malicious activity by exploiting the trust in legitimate third-party services. Notably, Adobe and QuickBooks have been leveraged in recent LotL phishing attacks. Typical defenses such as employee education and multilayered security, including real-time threat intelligence and endpoint as well as DNS protection are not adequate, necessitating backup and recovery solutions.