Additional information (fi)
Fileless malware / fileless ransomware
This is a kind of malware that doesn't sit on your computer in a separate file, but instead hides itself in existing files, the memory or the registry. Cybercriminals often seek ways to install malicious files on your computer, but a fileless attack doesn't require that. Types of fileless malware are: exploits, registry-resident malware, memory-resident malware, memory-only malware and fileless ransomware. Attackers can also use stolen credentials to access their target. Fileless malware isn't written to disk like traditional malware and doesn't leave behind traces of its existence. This stealthiness is what makes fileless malware difficult to detect and enables it to harm your system for as long as it remains hidden.
Fileless ransomware is a type of ransomware that hides on your computer without having installed a file. It is extremely challenging to detect using signature-based methods, sandboxing or even machine learning-based analysis. AI could be used against fileless malware because of its ability to look for malicious behaviour instead of only malicious files.
Firmware
Definition: Computer programs contained permanently in a hardware device (such as a read-only memory). Firmware provides the necessary instructions for how the device communicates with the other computer hardware. It is typically stored in the flash ROM of a hardware device. While ROM is "read-only memory," flash ROM can be erased and rewritten because it is actually a type of flash memory. You may need to update the firmware of certain devices, such as hard drives and video cards, in order for them to work with a new operating system. CD and DVD drive manufacturers often make firmware updates available that allow the drives to read faster media. Sometimes manufacturers release firmware updates that simply make their devices work more efficiently.
Firmware vulnerabilities: Firmware vulnerabilities can be located in just about any system or device component. Unfortunately, most organizations do not have in place regular patching practices to clean up firmware, hard drives or other components. This dramatically lowers the bar for hackers and creates an ideal environment for hidden and persistent backdoors.
The number of firmware vulnerabilities has skyrocketed in recent years. Security researchers believe that the total number of Common Vulnerabilities and Exposures (CVEs) is 7.5 times greater than what was documented just three years ago. Firmware vulnerabilities often show up in security features such as privileges and access control, and are often discovered too late.