Tag
medium
advisory
Persistence via Malicious Microsoft Outlook VBA Template
2 rules 1 TTPAttackers establish persistence by installing a malicious VBA template in Microsoft Outlook, triggering scripts upon application startup by modifying the VBAProject.OTM file, detected by monitoring for unauthorized file modifications.
Outlook
persistence
vba
windows
2r
1t
medium
advisory
Outlook Security Settings Registry Modification
2 rules 1 TTPAttackers modify Outlook security settings via registry changes to enable malicious mail rules and bypass security controls, potentially leading to persistence and data compromise.
Microsoft Outlook
persistence
registry_modification
outlook
email
2r
1t