Hunting for Non-Traditional Initial Access Vectors: OneNote Notebooks and Malicious Shortcuts (.lnk)
In what's looking like a new trend for 2023, we're seeing a sharp increase in phishing attacks that are using new and nontraditional file types, including OneNote notebooks, ISO files, and malicious shortcuts (.lnk). This is a natural evolution since Microsoft's decision last year to block macros in Office documents downloaded from the Internet. In this week's Threat SnapShot, we'll take a look at how attackers are weaponizing these file types, and discuss hunting and detection strategies you can use in your organization.

References:
SnapAttack Resources:
Threat: Trojanized OneNote
Detection: Suspicious Extracted File from