Newsletter Archives

  • Hardening your operating system

    ON SECURITY

    Susan Bradley

    By Susan Bradley

    Several years ago, it was considered a best practice to protect business computer systems by “hardening” them.

    You would turn off unnecessary services, disable features, and basically follow a checklist provided by the Center for Internet Security (CIS). But now our protection must be much more than hardening the operating system. We must harden our perimeter and — more importantly — our browsing.

    You probably spend as much time surfing on a phone as you do surfing on a computer. Today’s big picture is that there are more and more people who use tablets or phones, touching traditional PCs only at the office. The result? Attackers are targeting business users through email, and home users through browsing.

    What can we do to harden these?

    Read the full story in our Plus Newsletter (20.49.0, 2023-12-04).

  • DDEAUTO vulnerability evolving

    Further to recent news on DDEAUTO vulnerability, this threat has, like all good malware, evolved.

    From nakedsecurity.sophos.com:

    On Friday, independent reports surfaced showing that it’s possible to run DDE attacks in Outlook using emails and calendar invites formatted using Microsoft Outlook Rich Text Format (RTF), not just by sending Office files attached to emails.

    In the original attack users had to be coaxed into opening malicious attachments. By putting the code into the email message body itself, the attack comes one step closer, meaning that the social engineering needed to talk a recipient into falling for it becomes easier.

    The good news is that whether a DDE attack comes via an attachment or directly in an email or a calendar invite, you can stop the attack easily:
    Just say no

    You can read their article here

    AdminITs might like to check out the Microsoft blog on ASR (Attack Surface Reduction), which is said to mitigate the risks – linked in the AdminIT Lounge topic “Enable Attack Surface Reduction in Win10-1709“.