all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

OneNote Embedded URL Abuse

Add to bookmarks
March 27, 2023, 7 a.m. | Nicholas Dhaeyer

NVISO Labs blog.nviso.eu

Whilst Microsoft is fixing the embedded files feature in OneNote I decided to abuse a whole other feature. Embedded URLs. Turns out this is something they may also have to fix.

abuse blue team credential harvesting cyber threats embedded files fix maldoc malware may microsoft onenote phishing phsihing qbot soc threat hunting threathunting url urls

Visit resource

More from blog.nviso.eu / NVISO Labs

Top things that you might not be doing (yet) in Entra Conditional Access – Advanced … 1 month, 1 week ago | blog.nviso.eu
access advanced azure azure ad +16
Unpacking Flutter hives 1 month, 1 week ago | blog.nviso.eu
access app applications application security +22
Become Big Brother with Microsoft Purview 1 month, 2 weeks ago | blog.nviso.eu
big big brother can companies +31
Covert TLS n-day backdoors: SparkCockpit & SparkTar 1 month, 3 weeks ago | blog.nviso.eu
amp applications backdoor backdoors +17
Top things that you might not be doing (yet) in Entra Conditional Access 1 month, 4 weeks ago | blog.nviso.eu
access azure azure ad b2b +20
Is the Google search bar enough to hack Belgian companies? 3 months ago | blog.nviso.eu
applications application security awareness belgium +27
Deobfuscating Android ARM64 strings with Ghidra: Emulating, Patching, and Automating 3 months, 1 week ago | blog.nviso.eu
android app application security arm64 +16
Scaling your threat hunting operations with CrowdStrike and PSFalcon 4 months, 1 week ago | blog.nviso.eu
agent aid automation blue +22
RPC or Not, Here We Log: Preventing Exploitation and Abuse with RPC Firewall 4 months, 2 weeks ago | blog.nviso.eu
abuse blog blue team deploy +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Systems Security Officer (ISSO) (Remote within HR Virginia area)

@ OneZero Solutions | Portsmouth, VA, USA
View on infosec-jobs.com

Security Analyst

@ UNDP | Tripoli (LBY), Libya
View on infosec-jobs.com

Senior Incident Response Consultant

@ Google | United Kingdom
View on infosec-jobs.com

Product Manager II, Threat Intelligence, Google Cloud

@ Google | Austin, TX, USA; Reston, VA, USA
View on infosec-jobs.com

Cloud Security Analyst

@ Cloud Peritus | Bengaluru, India
View on infosec-jobs.com
View more jobs