QakBot eCrime Campaign Leverages Microsoft OneNote Attachments | allinfosecnews.com

c

April 25, 2023, 9:41 p.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by CrowdStrike. In November 2021[1] and February 2022[2], Microsoft announced that by default it would block Excel 4 and VBA macros in files that were downloaded from the internet. Following these changes, CrowdStrike Intelligence observed eCrime adversaries that had previously relied on macro execution for malware delivery adapt their tactics, techniques and procedures (TTPs). Many adversaries began to use ISO files containing LNKs that then started the rest of the infec...

adversaries attachments block campaign crowdstrike default delivery excel february files intelligence internet macro macros malware microsoft microsoft onenote november onenote qakbot tactics techniques vba vba macros

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl

AI Hallucinations: The Emerging Market for Insuring Against Generative AI's Costly Blunders 2 days, 9 hours ago | cloudsecurityalliance.org

ai governance ai hallucinations blog chair +16

Cl

Upselling Cybersecurity: Why Baseline Security Features Shouldn’t Be a Commodity 2 days, 10 hours ago | cloudsecurityalliance.org

accountability advisory barr advisory consulting +23

Cl

Breach Debrief: The Fake Slackbot 6 days, 8 hours ago | cloudsecurityalliance.org

abusing adaptive shield breach design +15

Cl

Understanding the Nuances: Privacy and Confidentiality 6 days, 8 hours ago | cloudsecurityalliance.org

age american businesses clients +19

Cl

What’s in a Name? Defining Zero Trust for Leaders 6 days, 9 hours ago | cloudsecurityalliance.org

analyst board business concept +17

Cl

Are You Ready for Microsoft Copilot? 6 days, 9 hours ago | cloudsecurityalliance.org

ai chatbot chatbot copilot customers +13

Cl

Implementing a Data-Centric Approach to Security 6 days, 9 hours ago | cloudsecurityalliance.org

access access governance can cto +13

Cl

Cloud Security Alliance (CSA) AI Summit at RSAC to Deliver Critical Tools to Help Meet … 1 week, 1 day ago | cloudsecurityalliance.org

advice alliance april benefits +19

Cl

7 Common Causes of Data Breach: Safeguarding Your Digital Assets 1 week, 1 day ago | cloudsecurityalliance.org

assets breach breaches connected +16

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Level 1 SOC Analyst

@ Telefonica Tech | Dublin, Ireland

View on infosec-jobs.com

Specialist, Database Security

@ OP Financial Group | Helsinki, FI

View on infosec-jobs.com

Senior Manager, Cyber Offensive Security

@ Edwards Lifesciences | Poland-Remote

View on infosec-jobs.com

Information System Security Officer

@ Booz Allen Hamilton | USA, AL, Huntsville (4200 Rideout Rd SW)

View on infosec-jobs.com

Senior Security Analyst - Protective Security (Open to remote across ANZ)

@ Canva | Sydney, Australia

View on infosec-jobs.com