Automating tasks on a computer used to be hard, but today it is very easy with a range of drag and drop tools available. Obviously the Power Automate included into Microsoft’s Windows 11 will be among the most popular – I know I use it. Now researchers at Zenity have discovered that these Windows 11 tools can be compromised and used by threat actors to distribute and operate such malicious software as ransomware and keyloggers:
A Windows 11 Automation Tool Can Easily Be Hijacked | WIRED UK
The upside, if there can be an upside, is that the research starts from the position that the threat actors have already got access to your computer, for example through a phishing email, social engineering attack or other malicious code.
I know I had a look at my Power Automate code over the weekend just to make sure!
Clive Catton MSc (Cyber Security) – by-line and other articles
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.
If you are unsure if you could recognise a modern phishing email or defend against a social engineering attack then have a look at our training site:
Cyber Security Experts | Awareness | Consultancy | Investigations (cyberawake.co.uk)
