Threat P.L.HuHW2ACE.3

URI: P.L.HuHW2ACE.3

Package: ProcessComms

< prev | next >

Description: Execution of malicious email attachment at WebBrowser on Host in Space: user Human runs a malicious file sent as an email attachment via MUA, allowing the attacker to exploit the privileges of their browser WebBrowser on device Host using network connections it has from location Space.

Threat Type: Primary Threat

Matching Pattern:

P.L.HuHW2ACE.3
MP-HuHW2ACE

Finds a Human using a web browser running on a host to access email, when the host is located in a space, plus the associated host location access context and process contexts in which access to the webmail service is possible using networks to which the host is connected when in that location.

        (empty)

        (empty)

CSG-AntiMalwareAtHost

Anti-malware software is installed on device Host and kept up to date by regular software patches, and so can detect and prevent the execution of malicious code.

CSG-SpamFilteringAtMUA

Spam filtering functionality is installed on the email user agent MUA (a mail client or a webmail service).

CSG-UserSecurityTraining

Users in the role Human are trained to avoid most common cyber security errors by using only strong passwords, recognising malicious emails, and the importance of physical security including the use of screen locking for fixed devices that cannot be carried on the person.