![]() ![]() You can define your custom File Blocking profiles, or choose one of the predefined profiles that are available with content release version 653 and later when applying file blocking to a Security policy rule.įigure 1 illustrates a sample of how to block Microsoft Team file transfer. For policy rules that allow video conferencing applications, you can be strict with your file blocking because of the risk that users unknowingly download malicious files.įor this type of traffic, you may want to attach a more strict file blocking profile that also blocks portable executable (PE) files. Nevertheless, it is suggested to block files known to carry threats or to have no real use case for upload/download. To minimize the chance of this threat, using App-ID features network security administrators might place a policy to granularity block file upload/download functions for users or groups. It is conceivable to infect participants' endpoints or mobile devices that are unwittingly downloading malicious files. For instance, in Zoombombing incidents, a teleconferencing session is hijacked, and hackers joining a meeting without authorization can upload and distribute malicious contents into a video-conference call rooms/meeting. For example, they could place a remote access Trojan inside a file that looks to have important information, share it in a meeting and attract users into downloading and running it. In a cyber-attack chain, delivery is a phase where the attacker sends a malicious payload to the victim. In this section, we'll introduce and discuss three scenarios for stopping possible attacks.Ĭyber-attack chain using file transfer in video conference applications
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |