[ISN] 3l33t haxxors don’t need no botnet, they just pinch passwords

http://www.theregister.co.uk/2015/09/08/dell_secureworks_malwareless/

By Darren Pauli
The Register
8 Sep 2015

Half of all breaches Dell’s SecureWorks outfit has responded to over the last year have been a result of attackers using legitimate admin tools and stolen credentials.

Dell’s threat research unit says the “living off the land” hack tactic makes security controls that seek malware and hacking infrastructure redundant, especially when command and control infrastructure is not used or runs only briefly.

Researchers cited three recent investigations where companies had been popped using administrator credentials.

In one case, attackers stole the network credentials of a manufacturing company staffer, which were then used to log into the corporate Citrix platform and tap internal corporate resources.

Those crims also used the unnamed client’s Altiris software distribution platform to pivot laterally through the company’s network and yank intellectual property.

[…]



