PowerShell.exe, MSBuilt.exe and RegAsm.exe to connect to command and control (C2) servers and for data exfiltration of user data and browser credentials.Microsoft’s defensive recommendations include strengthening endpoint detection, particularly to block malicious artifacts, and requiring the use of multifactor authentication for logins.
Security awareness training is critical: To be effective, any security awareness and training program needs to recognize and be tailored to reflect the way people really work with security in an organization, as part of creating a positive security culture, says the UK’s National Cybersecurity Centre.There are free resources to help organizations build a cybersecurity and privacy learning program. For example, the US National Institute for Standards and Technology’s (NIST) latest guidance on the subject is an 87-page outline that notes that a plan needs measurements of success such as employee ability to recognize and report potential cybersecurity events and employee behavior change, and feedback throughout the year.”Cybersecurity and privacy awareness learning activities should be conducted on an ongoing basis throughout the year,” it says in part, “to ensure that employees are aware of their roles within the organization and the appropriate steps they must take to protect information, assets, and individuals’ privacy.”Examples of awareness activities that are appropriate for all users include:
messages on logon screens, organizational screen savers, and email signature blocks;employee newsletters with cybersecurity and privacy articles;posters (physical or digital) with cybersecurity and privacy tips;a Cybersecurity Awareness Month (October) or Data Privacy Awareness Week (January) activity fair;cybersecurity and privacy reminders and tips on employee materials (e.g., pens, notepads, etc.);periodic or as-needed email messages that provide timely tips or are sent in response to a cybersecurity or privacy event or issue.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3842391/almost-1-million-business-and-home-pcs-compromised-after-users-visited-illegal-streaming-sites-microsoft.html
