Palo Alto Networks


The Adventures of Malicious OneNote Attachments in Cortex XDR Land

The Cortex Threat Research team has been tracking recent campaigns that were using malicious OneNote email attachments as the initial attack vector. Malicious OneNote files have been made popular by various threat actors earlier this year, as a response to Microsoft blocking internet macros by default.

In correlation with Microsoft’s notice, starting in early 2023, OneNote infected attachments have been seen spreading malware such as Emotet, Qakbot, ...

Jul 05, 2023

Subscribe to Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.