The most common threat to endpoints in the first half of 2020 was fileless malware, Cisco found. Dual-use tools are typically leveraged for exploitation and post-exploitation tasks. Credential-dumping tools make up a third critical-severity threat category. The most commonly seen of these tools, which malicious actors use to scrape login credentials from a compromised computer, was Mimikatz. The U.S. Cybersecurity and Infrastructure Security Agency said last week that threat actors have been spotted using the Cobalt Strike commercial penetration testing tool to target commercial and federal government networks.
Source: https://threatpost.com/fileless-malware-critical-ioc-threats-2020/159422/

