Files packaged with Excel-DNA from which a dll containing 2 urls pointing to Discord is extracted. These download data files and encode them with XOR creating additional DLLs, which initiate the malware infection.
CISA adds a new module to help organizations against ransomware. It is the Ransomware Readiness Assessment (RRA) module, just added to the Cyber Security Evaluation Tool (CSET)
Organizations have a new tool to help determine their preparedness for defending against, and recovering from, a cybercrime ransomware attack. It’s the Ransomware Readiness Assessment (RRA) module, just added by the US Cybersecurity and Infrastructure Security Agency (CISA) to its Cyber Security Evaluation Tool (CSET). The RRA is a self-assessment based on a tiered set of practices to help organizations better assess how well they are equipped to defend and recover from a ransomware incident. CISA has tailored the RRA to varying levels of ransomware threat readiness to make it useful to all organizations regardless of their current cybersecurity maturity.
How the CISA RRA will help the cybersecurity and the preparedness of the organizations
The new CISA RRA module:
- Helps organizations evaluate their cybersecurity posture, with respect to ransomware, against recognized standards and best practice recommendations in a systematic, disciplined, and repeatable manner;
- Guides asset owners and operators through a systematic process to evaluate their operational technology (OT) and information technology (IT) network security practices against the ransomware threat;
- Provides an analysis dashboard with graphs and tables that present the assessment results in both summary and detailed form.
The CSET, instead, is a desktop software tool built to help network defenders assess their security practices with a step-by-step process. It can be used for IT and industrial control system (ICS) networks.