APT41 - HOODOO, Wicked Panda

Summary:

APT41 sent spearphishing emails with attachments such as compiled HTML (.chm) files to initially compromise their victims.

Remediation details

Overe maintains a list of custom file extensions that, when added to Microsoft's default file type list, will cause the rule to trigger and apply the specified email quarantine action.

This includes .chm and others.
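As an added illustration (not Overe's or Microsoft's code), the Python below performs the kind of extension match the rule describes and goes one step beyond the page by also matching the CHM file signature, so a renamed attachment is still caught. The blocklist contents, function names and sample message are assumptions constructed for the example.

```python
import email
import os
from email import policy
from email.message import EmailMessage

# Assumed blocklist for illustration; the page names only .chm.
BLOCKED_EXTENSIONS = {".chm"}
CHM_MAGIC = b"ITSF"  # signature at offset 0 of a compiled HTML Help file


def normalized_extension(filename):
    """Lower-case the name and drop trailing dots/spaces, which Windows ignores."""
    cleaned = filename.strip().rstrip(". ").lower()
    return os.path.splitext(cleaned)[1]


def flag_attachments(raw_message, blocked=BLOCKED_EXTENSIONS):
    """Return (filename, reason) for every attachment that should be quarantined."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        if normalized_extension(name) in blocked:
            hits.append((name, "blocked extension"))
        elif payload.startswith(CHM_MAGIC):
            hits.append((name, "CHM content under another extension"))
    return hits


def build_sample_message():
    """Constructed test message: one .chm, one renamed CHM, one benign text file."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    # Header stub only, not a real help file.
    fake_chm = CHM_MAGIC + b"\x03\x00\x00\x00" + b"\x00" * 16
    msg.add_attachment(fake_chm, maintype="application", subtype="octet-stream",
                       filename="Invoice.CHM.")
    msg.add_attachment(fake_chm, maintype="application", subtype="pdf",
                       filename="report.pdf")
    msg.add_attachment(b"hello", maintype="text", subtype="plain",
                       filename="notes.txt")
    return msg.as_bytes()
```

A filter that compares only the file name would pass `report.pdf` in the sample; the signature check is what flags it.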

With one button, you can apply our recommended Policy control 'Mark certain file extensions as malware threat' to all your tenants at once by adding it to their Policy template, or you can modify the configuration of individual tenants.


See below to better understand how Policy Controls work in Overe.

Severity: HIGH

Productivity Impact: VERY LOW

Fix Estimate: Protected by Overe