Microsoft OneNote phishing technique, from Matt Aldridge, OpenText
Earlier today, news broke that some hackers are now using OneNote attachments to spread malware. Please find the full story here: Microsoft OneNote attachments are being used to spread malware
The story focuses on phishing emails which include OneNote files carrying malicious VBS files. When released, these communicate with the target’s C2 server and download malware on to the computer.
The commentary Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions on what this means for the industry, and how business leaders can mitigate cyber risks in the ever-changing cyber landscape.
Comment on Microsoft OneNote attachment phishing from Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions
“A key challenge of cybersecurity and cyber resilience is that the goal posts are always moving. Here we see another example of a novel technique being used to bypass certain security controls, and it highlights the importance of implementing multiple defensive layers, plus a strong education strategy. Many file types allow the embedding or archiving of other files within them, and any of these can be useful for attackers. Sometimes attackers will also choose to encrypt the contents to try to evade detection at the gateway. It is critical to have a security awareness training solution in place which is regularly updated to reflect new trends such as this, along with comprehensive cyber hygiene and solutions such as email security, web security, endpoint security and regularly tested, isolated backups to round out a comprehensive cyber resilience strategy.”