all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

OneNote Embedded file abuse

Add to bookmarks
Feb. 27, 2023, 8 a.m. | Nicholas Dhaeyer

NVISO Labs blog.nviso.eu

In recent weeks OneNote has gotten a lot of media attention as threat actors are abusing the embedded files feature in OneNote in their phishing campaigns.
In this post we will analyze this new way of malware delivery and create a detection rule for it.

abuse abusing attention campaigns cyber threats delivery detection detection engineering embedded file files maldoc malware media onenote phishing qakbot qbot reverse engineering threat threat actors threat hunting yara

Visit resource

More from blog.nviso.eu / NVISO Labs

Top things that you might not be doing (yet) in Entra Conditional Access – Advanced … 1 month, 1 week ago | blog.nviso.eu
access advanced azure azure ad +16
Unpacking Flutter hives 1 month, 1 week ago | blog.nviso.eu
access app applications application security +22
Become Big Brother with Microsoft Purview 1 month, 2 weeks ago | blog.nviso.eu
big big brother can companies +31
Covert TLS n-day backdoors: SparkCockpit & SparkTar 1 month, 3 weeks ago | blog.nviso.eu
amp applications backdoor backdoors +17
Top things that you might not be doing (yet) in Entra Conditional Access 1 month, 4 weeks ago | blog.nviso.eu
access azure azure ad b2b +20
Is the Google search bar enough to hack Belgian companies? 3 months ago | blog.nviso.eu
applications application security awareness belgium +27
Deobfuscating Android ARM64 strings with Ghidra: Emulating, Patching, and Automating 3 months, 1 week ago | blog.nviso.eu
android app application security arm64 +16
Scaling your threat hunting operations with CrowdStrike and PSFalcon 4 months, 1 week ago | blog.nviso.eu
agent aid automation blue +22
RPC or Not, Here We Log: Preventing Exploitation and Abuse with RPC Firewall 4 months, 2 weeks ago | blog.nviso.eu
abuse blog blue team deploy +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Digital Trust Cyber Transformation Senior

@ KPMG India | Mumbai, Maharashtra, India
View on infosec-jobs.com

Security Consultant, Assessment Services - SOC 2 | Remote US

@ Coalfire | United States
View on infosec-jobs.com

Sr. Systems Security Engineer

@ Effectual | Washington, DC
View on infosec-jobs.com

Cyber Network Engineer

@ SonicWall | Woodbridge, Virginia, United States
View on infosec-jobs.com

Security Architect

@ Nokia | Belgium
View on infosec-jobs.com
View more jobs