![]() Trustwave SpiderLabs researchers have documented several phishing and spear-phishing campaigns using trojanized OneNote documents to deliver malware families like Qakbot, XWorm, Icedid, Formbook, and AsyncRAT. "Furthermore, OneNote documents do not include 'Protected View' and Mark-of-the-Web protection increasing the risk of exposure to potentially malicious files and making it attractive to cybercriminals." These notes can be used by different users to enhance collaboration, so OneNote documents are often sent from one user to another over the Internet or a network. ![]() ![]() What is Microsoft OneNote, and why do attackers love OneNote docs? "Users will receive a notification when the files seem dangerous to improve the file protection experience in OneNote on Windows," the company said. Microsoft has announced that, starting in April 2023, they will be adding enhanced protection when users open or download a file embedded in a OneNote document - a known high-risk phishing file type. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |