New Ursnif Malware Campaign Uses Fileless Infection to Avoid Detection January 24, 2019 https://www.bleepingcomputer.com/ne...n-uses-fileless-infection-to-avoid-detection/
What I hate about these type of articles is that they fail to mention that malware still needs to run inside a certain process. And the process that it's running in they don't actually mention clearly, so it's for me to guess. But it's probably wmic.exe or powershell.exe, so if you restrict those, then I guess you're good.