MS365 Services and Windows App Installer - new malware techniques
Microsoft is the market leader for office productivity tools, so no wonder new Windows and Microsoft365 attack methods are continuously found in the wild.
The MS Security Blog (see here) is describing new attack vectors leveraging MS365 services such as Teams and Sharepoint, combined with weaknesses in Windows App Installer (MSIX) technology.
Things to note:
➡ Malicious MS365 tenants are increasingly being used to stage malware campaigns. Microsoft will need to police its MS365 tenants more diligently.
➡ Innovative Windows endpoint attack vectors such as MSIX App Installer are continuously developed.
👨💼 “Educate users” dominate the Microsoft recommendations related to these attacks.
💡 Deploying Security Awareness Trainings (SAT) continuously and at scale should be the focus of organizations.
More info below: