Saturday, February 27, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

NoRelationship phishing attack dances around Microsoft Office 365 email filters

February 20, 2019
in Internet Security
NoRelationship phishing attack dances around Microsoft Office 365 email filters
587
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Researchers have described a new phishing attack which is able to bypass Microsoft malicious file filters.

On Tuesday, cybersecurity firm Avanan said the attack, dubbed NoRelationship, uses a link parsing weakness in email scanning products to hide malicious links.

You might also like

Chrome will soon try HTTPS first when you type an incomplete URL

Go malware is now common, having been adopted by both APTs and e-crime groups

Why your diversity and inclusion efforts should include neurodiverse workers

First detected just before Valentine’s Day, NoRelationship is able to circumvent Microsoft’s Exchange Online Protection (EOP) URL filters, which scan Office documents including .docx, .xlsx, and .pptx to warn users when malicious content is detected.

The NoRelationship phishing attack includes a .docx attachment containing a malicious link which leads to credential harvesting login pages.

This is a very common technique used by scammers, but in order to circumvent security and protections which are often effective, the attackers behind the scheme deleted external links from a relationship file — xml.rels — which is a genuine file that lists links included in an attachment.

See also: Key takeaways from damning UK report on Facebook’s world of “digital gangsters”

Link parsers used in scanning software do not always scan full documents to ascertain their risk levels. Instead, they often rely on xml.rels files to list external links found in a document which can then be checked against known malicious links contained in threat databases.

By deleting the external link entries, this caused Microsoft EOP to fail to detect the phishing attempt.

According to Avanan, the bypass technique is not only effective on Microsoft’s default Office 365 security. ProofPoint and F-Secure scanners also failed to find the malicious links used in NoRelationship.

CNET: Facebook faces questions from lawmakers about privacy of health groups

However, Microsoft Advanced Threat Protection (ATP) and Mimecast’s link parsers are both able to detect the malicious files used in this attack.

“Like the index of a book, the relationship file lists the essential of the parts of the document — external links and images, or internal document components, like font tables,” the researchers say. “Sometimes, key terms might not be included in the index, but they are still in the book. In this attack, hackers deleted the external links from the relationship file to bypass link parsers that only read the index rather than the “book.””

The team says there is likely no means to resolve this issue beyond making sure email scanners tackle full documents, rather than just relationship files.

TechRepublic: The year 2018 was the second most active year on record for data breaches, report says

Last month, researchers published a tool called Modlishka which is a reverse proxy able to automate phishing attacks and circumvent two-factor authentication (2FA).

The penetration testing tool, if used for malicious purposes, is able to sit between users and target websites in order to record communication streams as well as collect 2FA tokens in real-time.

ZDNet has reached out to Microsoft and will update if we hear back.

Previous and related coverage

Credit: Source link

Previous Post

Guide to Your Personal Data and Who Is Using It - From Wired

Next Post

Machine Learning Swiftly Analyzes Nanomedicines for Cancer Immunotherapy

Related Posts

Chrome will soon try HTTPS first when you type an incomplete URL
Internet Security

Chrome will soon try HTTPS first when you type an incomplete URL

February 27, 2021
Go malware is now common, having been adopted by both APTs and e-crime groups
Internet Security

Go malware is now common, having been adopted by both APTs and e-crime groups

February 27, 2021
Why your diversity and inclusion efforts should include neurodiverse workers
Internet Security

Why your diversity and inclusion efforts should include neurodiverse workers

February 26, 2021
Attorney-General urged to produce facts on US law enforcement access to COVIDSafe
Internet Security

Attorney-General urged to produce facts on US law enforcement access to COVIDSafe

February 26, 2021
This chart shows the connections between cybercrime groups
Internet Security

This chart shows the connections between cybercrime groups

February 26, 2021
Next Post
Machine Learning Swiftly Analyzes Nanomedicines for Cancer Immunotherapy

Machine Learning Swiftly Analyzes Nanomedicines for Cancer Immunotherapy

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Chrome will soon try HTTPS first when you type an incomplete URL
Internet Security

Chrome will soon try HTTPS first when you type an incomplete URL

February 27, 2021
Cisco Releases Security Patches for Critical Flaws Affecting its Products
Internet Privacy

Cisco Releases Security Patches for Critical Flaws Affecting its Products

February 27, 2021
Levels of Measurement (Nominal, Ordinal, Interval, Ratio) in Statistics
Data Science

Levels of Measurement (Nominal, Ordinal, Interval, Ratio) in Statistics

February 27, 2021
An Epic cognitive computing platform primer
Machine Learning

An Epic cognitive computing platform primer

February 27, 2021
Tackling ethics in AI algorithms: the case of Salesforce | by Iflexion | Feb, 2021
Neural Networks

Tackling ethics in AI algorithms: the case of Salesforce | by Iflexion | Feb, 2021

February 27, 2021
Take our martech survey: Friday’s daily brief
Digital Marketing

Take our martech survey: Friday’s daily brief

February 27, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Chrome will soon try HTTPS first when you type an incomplete URL February 27, 2021
  • Cisco Releases Security Patches for Critical Flaws Affecting its Products February 27, 2021
  • Levels of Measurement (Nominal, Ordinal, Interval, Ratio) in Statistics February 27, 2021
  • An Epic cognitive computing platform primer February 27, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates