Which term describes attacks that use legitimate software for malicious purposes?

Living off the Land Attacks describe attacks that use legitimate software for malicious purposes. Attackers rely on built-in, trusted tools already present on the system to perform actions such as discovery, code execution, credential access, and data exfiltration, rather than dropping new malware. This helps them blend in with normal activity and makes detection harder since the tools themselves are legitimate and often whitelisted. In practice, defenders focus on limiting and monitoring the use of powerful system utilities (for example, PowerShell, WMI, certutil), enforcing least privilege, and applying application allowlisting to reduce the risk. By contrast, exploits involve taking advantage of vulnerabilities to run code, ransomware is malware that encrypts files for ransom, and patch management is a defensive practice to keep software up to date.