Another Attack on Microsoft 365 Reported

Microsoft 365

Another new attack tactic, that bypasses both of the Microsoft 365 advanced security (ATP) and default security (EOP), has been spotted.

Avanan researchers have revealed a striking rise in the use of a symbolic link (SLK) files against Microsoft 365 users. The threat actors sent an email with an SLK attachment that contained a malicious macro leading to the download and installs a RAT.

The bottom line remains that the attack was highly obfuscated, and was specifically designed to bypass a certain security layer of the Microsoft 365 infrastructure. Every file is unique, and never two attachments share similar/common MD5 hash. However, Gmail users are hopefully secure from this attack as Google blocks it actively on the incoming email.

To Read More: Cyware