VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware

November 6, 2024 at 01:57PM

The VEILDrive threat campaign leverages Microsoft services like Teams and SharePoint to distribute malware through spear-phishing. Discovered by Hunters in September 2024, the attack targeted U.S. critical infrastructure, using compromised accounts and Quick Assist for remote access. This strategy complicates detection of the malware, which connects to adversary-controlled OneDrive. …

Crims abusing Microsoft Quick Assist to deploy Black Basta ransomware

May 16, 2024 at 07:34PM

Cybercrime gang leverages Microsoft Quick Assist in social engineering attacks to deploy Black Basta ransomware. Microsoft investigates and advises users to be cautious of tech support scams. Organizations are recommended to block or uninstall unused remote management tools to reduce risk. Threat indicators and hunting queries provided by Microsoft for …