A recent Varonis report exposes a rising threat: cyber criminals exploiting Microsoft OneNote to launch “native” phishing campaigns via Microsoft 365. OneNote is a well-established digital note-taking app that provides a single place for keeping users' reminders, research and project information. These attacks exploit trust in legitimate collaboration tools, combining social engineering and cloud infrastructure to bypass traditional defenses. This new attack vector uses shared OneNote notebook
There have been some developments in the Ducktail phishing campaign. To begin our report, it seems reasonable to go over a little bit of history on Ducktail for those who might be unfamiliar. The Ducktail phishing campaign was first discovered and reported on in late July of 2022. Researchers at the firm WithSecure are credited with the discovery of the campaign. In terms of who is responsible, WithSecure’s report on this campaign indicated a high level of confidence in their belief that the
