Attack Surface Reduction Rules | Rule 5 | Block executable content from email client and webmail
Microsoft Article – https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide
MITRE Article – https://attack.mitre.org/techniques/T1204/002/
Attack Surface Reduction Rules | Rule 1 | Block abuse of exploited vulnerable signed drivers – https://youtu.be/_Z_LACSfm1s
Attack Surface Reduction Rules | Rule 2 | Block Adobe Reader from creating child processes – https://youtu.be/kfHHFbNzI2Q
Attack Surface Reduction Rules| Rule 3 | Block all Office applications from creating child processes – https://youtu.be/okhceXATTxk
Attack Surface Reduction|Rule -4|Block credential stealing from the Windows local security authority – https://youtu.be/ant2mMOy-ZM
Attack Surface Reduction Rules | Rule 5 | Block executable content from email client and webmail – https://youtu.be/jzUJtHSulik
Attack Surface Reduction|Rule-6|Block executable file from running unless they meet a prevalence,age – https://youtu.be/nOZfIo99tZg
Attack Surface Reduction Rules | Rule 7 | Block execution of potentially obfuscated scripts – https://youtu.be/tREyvRis4dQ
Attack Surface Reduction|Rules 8|Block JavaScript or VBScript from launching downloaded executable – https://youtu.be/oZds8ouSCGg
Attack Surface Reduction Rules | Rule 9 | Block Office applications from creating executable content – https://youtu.be/qLz-egbo8ok
Attack Surface Reduction | Rule 10 | Block Office application from injecting code into other process – https://youtu.be/Lzcoaf3wiN8
Attack Surface Reduction|Rule 11|Block Office communication application from creating child process – https://youtu.be/KwtR3ALfnU4
Attack Surface Reduction Rules | Rule 12 | Block persistence through WMI event subscription – https://youtu.be/J5GEQBsK_UU
Attack Surface Reduction Rule -13 | Block process creations originating from PSExec and WMI command – https://youtu.be/YGGvL72NxO4
Attack Surface Reduction Rules | Rule 14 | Block untrusted and unsigned processes that run from USB – https://youtu.be/J0lea0hyK6o
Attack Surface Reduction Rules | Rule 15 | Block Win32 API calls from Office macros – https://youtu.be/bOXvtj6sKp8
Attack Surface Reduction Rules | Rule 16 | Use advanced protection against ransomware – https://youtu.be/irbzkU4xpds