all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

From OneNote to RansomNote: An Ice Cold Intrusion

Add to bookmarks
April 1, 2024, 11:54 a.m. | /u/TheDFIRReport

cybersecurity www.reddit.com

In late February 2023, threat actors rode a wave of initial access using Microsoft OneNote files. In this case, we observed a threat actor deliver IcedID using this method. The threat actor used FileZilla to exfiltrate data from the network before deploying Nokoyawa ransomware.



https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion/

access actor case cold cybersecurity data exfiltrate data february files filezilla ice icedid initial access intrusion microsoft microsoft onenote network nokoyawa nokoyawa ransomware onenote onenote files ransomware threat threat actor threat actors

Visit resource

More from www.reddit.com / cybersecurity

Can I learn software dev, and cyber security at the same time? 3 hours ago | www.reddit.com
can cyber cyber security cybersecurity +5
Bitwarden just launched their 2FA app 3 hours ago | www.reddit.com
2fa 2fa apps app apps +14
Panera Bread ransomware attack - initial access vector? 3 hours ago | www.reddit.com
access attack bread cybersecurity +7
New Cuttlefish malware infects routers to monitor traffic for credentials 7 hours ago | www.reddit.com
credentials cuttlefish cuttlefish malware cybersecurity +4
How to attack through vulnerability PC in Internal network to another device in it. 8 hours ago | www.reddit.com
ask attack call can +10
Shortridge Makes Sense of the 2024 Verizon DBIR 11 hours ago | www.reddit.com
big cybersecurity dbir fan +2
CISA Releases Fact Sheet on Defending OT Environments 13 hours ago | www.reddit.com
cisa cybersecurity defending environments +3
For those actively in the job market and having trouble, what specifically is the hardest … 14 hours ago | www.reddit.com
bad current cybersecurity experience +9
Dropbox Says Hackers Breached Digital-Signature Product 15 hours ago | www.reddit.com
breached cybersecurity digital dropbox +3

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Principal Business Value Consultant

@ Palo Alto Networks | Chicago, IL, United States
View on infosec-jobs.com

Cybersecurity Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

Penetration Testing Engineer- Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com

Internal Audit- Compliance & Legal Audit-Dallas-Associate

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com

Threat Responder

@ Deepwatch | Remote
View on infosec-jobs.com
View more jobs