
APT41 - HOODOO, Wicked Panda

Affects:

Microsoft 365

Severity:

HIGH

Productivity Impact:

VERY LOW

Fix Estimate:

2-3 minutes

Automatically protected by:

PREMIUM

...Coming Soon!

Research:

Summary:

APT41 sent spearphishing emails with attachments such as compiled HTML (.chm) files to initially compromise their victims.

Remediation details

Disable .CHM files as Email Attachments


  1. Click on Policies & Rules

  2. Select Threat Policies

  3. Select Anti-malware

  4. Click Edit Protection Settings

  5. Ensure common attachment filter is enabled

  6. Click Select file type

  7. Add .CHM
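
The same change can be audited and applied from Exchange Online PowerShell. This is an added example, not part of the original guidance; it assumes the ExchangeOnlineManagement module is installed and the signed-in account is allowed to edit anti-malware policies.

```powershell
# Added example: check every anti-malware policy for the common attachment
# filter and the .chm file type, then add whatever is missing.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline

$blockType = 'chm'

foreach ($policy in Get-MalwareFilterPolicy) {
    $types   = @($policy.FileTypes)
    $hasType = $types -contains $blockType   # -contains is case-insensitive

    # Report the current state of each policy before touching it.
    [pscustomobject]@{
        Policy           = $policy.Name
        EnableFileFilter = $policy.EnableFileFilter
        BlocksChm        = $hasType
    }

    # Nothing to do when the filter is on and .chm is already listed.
    if ($policy.EnableFileFilter -and $hasType) { continue }

    # Append to the existing list; passing only 'chm' would overwrite
    # every file type the policy already blocks.
    if (-not $hasType) { $types += $blockType }

    # -WhatIf previews the change; remove it to apply.
    Set-MalwareFilterPolicy -Identity $policy.Identity `
        -EnableFileFilter $true -FileTypes $types -WhatIf
}
```

Run it once with `-WhatIf` to review which policies would change, then remove the switch and rerun to confirm every policy reports `BlocksChm` as `True`.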





In addition to the above, there is a more detailed guide you can leverage here: https://activedirectorypro.com/block-dangerous-file-attachments-in-exchange-online/

