Multiple Malware Variants Distributed Through Microsoft OneNote
Spear-phishing emails with malicious Microsoft OneNote attachments were discovered delivering variants from the AsyncRAT, Formbook¸ Remcos, and XWorm malware families.
Multiple legitimate Microsoft Windows utilities were used to carry out the operation including cmd, BITSAdmin, PowerShell, wscript, and curl.
The adversary took advantage of the right-to-left override (RTLO or RLO) technique to convince the victim to execute files which appeared to be benign.
Featured Resources
blog
When Operational Efficiency Equals Compliance
This is Part 3 of our five-part series on Continuous Threat Exposure Management (CTEM). In today’s regulatory landscape, operational efficiency
CUSTOMERS
Non-profit Increases Financial Efficiency and Strengthens Cybersecurity Defenses
Facing increasing threats and tighter budgets, Walsall Housing Group Limited (whg), a UK housing association, turned to Cymulate to optimize
blog
Finding the Right Fit: Vulnerability Assessment vs. Penetration Testing
With more cyber threats than ever before, protecting your organization’s assets and sensitive data has never been more critical. Businesses
Subscribe to Our Blog
Subscribe now to get the latest insights, expert tips and updates on threat exposure validation.
Subscribe