Contactez-nous Suivez-nous sur Twitter En francais English Language

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Microsoft OneNote phishing technique, from Matt Aldridge, OpenText

January 2023 by Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions

Earlier today, news broke that some hackers are now using OneNote
attachments to spread malware. Please find the full story here:
Microsoft OneNote attachments are being used to spread malware.

The story focuses on phishing emails which include OneNote files
carrying malicious VBS files. When released, these communicate with the
target’s C2 server and download malware on to the computer.

The commentary Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions
on what this means for the industry, and how business leaders can
mitigate cyber risks in the ever-changing cyber landscape.

"A key challenge of cybersecurity and cyber resilience is that the goal
posts are always moving. Here we see another example of a novel
technique being used to bypass certain security controls, and it
highlights the importance of implementing multiple defensive layers,
plus a strong education strategy. Many file types allow the embedding
or archiving of other files within them, and any of these can be useful
for attackers. Sometimes attackers will also choose to encrypt the
contents to try to evade detection at the gateway. It is critical to
have a security awareness training solution in place which is regularly
updated to reflect new trends such as this, along with comprehensive
cyber hygiene and solutions such as email security, web security,
endpoint security and regularly tested, isolated backups to round out a
comprehensive cyber resilience strategy."

See previous articles


See next articles

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55

All new podcasts