It has come to our attention that cyber criminals have begun exploiting a vulnerability within Microsoft PowerPoint’s Object Linking and Embedding (OLE) interface to evade antivirus detection in an attempt to silently install malware applications on Windows-based computer systems.
We are in the third part of a six-part series on the NIST Cybersecurity Framework and the core, or functions, of the framework. In the last two posts, we talked about the Identify and Protect functions of the framework and used the analogy of building a house. When you build a house, you must start with a foundation for your house to be built on (Identify). Next, you need to frame out your house and give it some walls and a roof to keep you safe from the weather and other elements (Protect). Once you have your house built, you need to put some items in your house to alert you to any pending danger or threats. These could be things like smoke detectors, carbon monoxide detectors and home alarm systems. Using that same analogy of building a house, this would be the Detect function of the core.
For the second part of our series on the NIST Cybersecurity Framework, we are going to be discussing the Protect function. Last time we discussed the Identify function, which covered the need to really understand your critical infrastructure, your systems, and the risks associated with those systems so you can move to the next step in the framework: protecting your critical infrastructure. As you can probably see, the functions of the framework build on each other in a logical order. In the first post in this series, I compared the framework to building a house. If the Identify function is the foundation, then the Protect function would be the framing of the outside of your house. You can’t build walls without a firm foundation!
A little over a month ago, a strain of ransomware called WannaCry made headlines due to the incredibly successful nature of the attack as it infected hundreds of thousands of users around the world. This ransomware was delivered through an unpatched vulnerability in the Microsoft operating system. Thankfully, the damage was minimal as the malware code had a “kill switch” built in that stopped the spread.
If you have been reading the blog for a while, you know that I take phishing examples that I receive or my co-workers receive, post them to the blog, and point out the things that you need to be careful of. I do this primarily to educate folks about what the latest threats look like, what differentiates a good phishing email from a bad phishing email, and also because it is fun (okay, I may be a little weird!). Well, today is your lucky day, because guess what? I got another phishing email over last weekend!