<ul><li>The rise in the abuse of Microsoft’s LOLbins (Living Off the Land binaries) in the first half of 2024 has been significant.</li><li>Hackers used 187 LOLbins in their attacks, a 51% increase compared to 2023.</li><li>Commonly abused LOLbins include RDP, PowerShell, cmd.exe, and net.exe.</li><li>Sophos recommends adopting a multi-layered security approach and mitigating the abuse of LOLbins by restricting access, monitoring usage, implementing EDR solutions, disabling unused LOLbins, and educating employees.</li></ul>

Hackers are abusing Microsoft tools more than ever before

Discover more