ACSC outlines Office macro security measures
The Australian Cyber Security Centre (ACSC) has updated its online Microsoft Office Macro Security document, outlining steps that can be taken to keep systems secure from malicious macros.
According to the ACSC, “An increasing number of attempts to compromise organisations using malicious macros have been observed. In particular, adversaries have been observed using social engineering techniques to entice users into executing malicious macros in Microsoft Office files. The purpose of these malicious macros can range from cybercrime to more sophisticated exploitation attempts.
“By understanding the business requirements for the use of macros, and applying the recommendations in this document, organisations can effectively manage the risk of allowing macros in their environments.”
The document explains Microsoft Office macros and their use, and details ways in which different versions of Office can be made more secure via changing policy settings and other approaches.
The ACSC website also provides lots of information on other methods for hardening various versions Office, as well as Windows and other software, including advice for users of the now-unsupported Windows 7.
US issues warrants for five alleged APT41 members
The US Department of Justice has issued warrants for five alleged members of the APT41 cybercrime...
Evolving threat landscape a concern for cybersecurity analysts
A survey by Gartner has found that cybersecurity analysts are concerned about the rapidly...
Gartner: Businesses must balance risk, trust and opportunity
Security and risk leaders have been advised to balance risk, trust and opportunity to help their...
