Seeing questions today from very small orgs on what *they* can do re. the heightened ransomware threat.
Let& #39;s review the essential, no-cost things these orgs can--and must--do to hugely reduce risk:
Counter attacks that use:
1. Office macros
2. RDP
3. Net-facing vulnerabilities
1. You must understand something: In today& #39;s world MS Office is unsuitable for use in default configuration.
Due to weak macro defense settings.

Best is to turn them off where possible. But you MUST, at very minimum, block macros from the Internet. https://www.microsoft.com/security/blog/2016/03/22/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection/">https://www.microsoft.com/security/...
New feature in Office 2016 can block macros and help prevent infection - Microsoft Security

To help counter malware, we are releasing a new feature in Office 2016 that blocks macros from loading in certain high-risk scenarios.

https://www.microsoft.com/security/blog/2016/03/22/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection/
I can& #39;t emphasize this enough: Microsoft Office cannot be used with reasonable security by organizations on PCs where users have access to email and web browsing without changing the default macro settings.
Period.
You should also look at this excellent information on the topic of hardening Office against macro threats:
https://www.cyber.gov.au/sites/default/files/2019-03/Microsoft_Office_Macro_Security.pdf">https://www.cyber.gov.au/sites/def...
2. Attackers are prolifically using RDP and other forms of remote access to break into organizations via weak passwords and shared passwords that have been compromised.
If these are needed, use 2FA. But at minimum all remote access accounts MUST have unique, strong passwords.
"Strong" passwords, for current purposes, are at least 12 random characters in length or 3-4 randomly chosen words from the dictionary.
Be mindful to look for "dangling" remote access. That is, remote access that is no longer used but was never disabled.
3. Finally, anything that faces the Internet MUST be up-to-date on patching. Routers. Firewalls. VPNs. RDP. Mail servers. Etc.
You can follow @arekfurt.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more