CounterTack Advanced Threat Video Series Part II: Memory Only Attacks

Posted by Madeline Lee   |   February 7, 2018



Welcome to the second of CounterTack’s four-part video series on Advanced Threats. In this video we will be demonstrating a Meterpreter session using the Metasploit framework on a Kali Linux Virtual Machine. We will keep the Meterpreter session strictly in memory. This is known as a file-less based attack.

In the first half of the video, we will use Windows 7 running McAfee Antivirus on the victim machine. In the second half of the video, we will demonstrate the same memory-only based attack on the Windows 7 machine, this time running CounterTack’s EDR solution on the endpoint.

CounterTack’s EDR solution is behavior-based instead of signature-based; it detects new variants of malware regardless of new packing technique and other forms of obfuscation. CounterTack features memory-based analysis using our Digital DNA technology and automated remediation to catch never-before-seen attacks and automatically stop it in its tracks.

Learn about how CounterTack can help you protect against memory-only attacks in the video above! Check out our previous Advanced Threat video here.

Topics: cybersecurity, endpoint security, CounterTack, EDR, endpoint detection and response, Ransomware, advanced attacks, fileless, meterpreter, metasploit, memory only

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all