Hunting for Non-Traditional Initial Access Vectors: OneNote Notebooks and Malicious Shortcuts (.lnk)
In what’s looking like a new trend for 2023, we’re seeing a sharp increase in phishing attacks that are using new and non-traditional file types, including OneNote notebooks, ISO files, and malicious shortcuts (.lnk). This is a natural evolution since Microsoft’s decision last year to block macros in Office documents downloaded from the Internet. In this week’s Threat SnapShot, we’ll take a look at how attackers are weaponizing these file types, and discuss hunting and detection strategies you can use in your organization.
References:
-
-
SnapAttack Resources:
- - Threat: Trojanized OneNote
- - Detection: Suspicious Extracted File from
6 months ago 00:03:22 1
6 months ago 00:03:12 1
6 months ago 00:39:11 1
6 months ago 00:03:58 1
6 months ago 00:10:14 1
6 months ago 00:09:50 1
6 months ago 00:14:41 1
6 months ago 00:10:49 1
6 months ago 00:02:48 1
6 months ago 00:00:17 1
6 months ago 00:03:47 2
6 months ago 00:01:49 1
6 months ago 00:05:22 1
6 months ago 00:00:39 1
6 months ago 00:09:26 1
6 months ago 00:01:02 1
6 months ago 00:02:22 1
6 months ago 00:02:03 1
![Luthien’s Lullaby [Lay of Leithian Musical | English Version] The Silmarillion Animatic (Unfinished)](https://sun9-13.userapi.com/lsl87CJvItbYZ3kXfA4_wFenxVyADB_sOWcq0Q/TtICaho06_M.jpg)
6 months ago 00:39:55 1
6 months ago 00:05:46 1
6 months ago 00:01:30 6
6 months ago 00:02:47 1
6 months ago 00:03:10 1
6 months ago 00:11:22 1
