Microsoft changes default settings for a variety of reasons, but some recent key changes will keep us safer from attacks, specifically ransomware. This includes blocking macros by default, limiting native tools used by attackers, and activating Credential Guard by default.
Blocking Office 365 macros
The first major change in an Office 365 default blocks internet macros by default. Launching malicious macros is a common way that attackers can gain access to computer systems and launch lateral attacks. Specially, Visual Basic Application obtained from the internet will be blocked by default. Setting this as the default will mean that you’ll be better protected. If you’ve downloaded macro-based templates from websites, mark these files as trusted and remove the “mark of the web” from the files to ensure that they continue to work.
To read this article in full, please click here
More Stories
Smashing Security podcast #368: Gary Barlow, and a scam turns deadly
Take That's Gary Barlow chats up a pizza-slinging granny from Essex via Facebook, or does he? And a scam takes...
Redline Stealer: A Novel Approach
A new packed variant of the Redline Stealer trojan was observed in the wild, leveraging Lua bytecode to perform malicious...
Linux Cerber Ransomware Variant Exploits Atlassian Servers
The attacks exploit CVE-2023-22518, a critical flaw in Atlassian Confluence Data Center and Server Read More
North Korean Group Kimsuky Exploits DMARC and Web Beacons
Proofpoint confirmed Kimsuky has directly contacted foreign policy experts since 2023 through seemingly benign email conversations Read More
US Government and OpenSSF Partner on New SBOM Management Tool
OpenSSF, in collaboration with the US Government, has developed Protobom, a open source tool designed to simplify SBOM management for...
How to Protect Yourself Against AI Voice Cloning Attacks
Imagine receiving a call from a loved one, only to discover it’s not them but a convincing replica created by...