The rule doesnt appear in the local copy of Outlook. I ran into this a couple of times over the last six months, and this is what I found I'm sure it could be different for others, I thought I would share my experiences in case it helps anyone.Ī malicious email was opened, and a link is clicked which prompts the user to enter O365 credentials to retrieve a document.Īfter the credentials are provided, the document us unable to be downloaded/opened (not sure which, and I dont have access to my sandbox right now to check) At that point either a script is run or a person manually creates a rule on the O365 portal to deliver replies to the RSS Feeds folder (the more recent version of this was much more sloppy and had ALL incoming mail delivering to RSS). I can't find further details about the PUM can anyone offer insights? The only thing I can think of that changed in the past 24 hours was an update to Google Chrome and an update to Steam. Microsoft Windows Malicious Software Removal Tool Finished On Wed May 15 08:34:39 2019 Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 10 08:21:07 2019 So, the scans most certainly still take place. However, if I look in the MRT log (C:\Windows\debug\mrt.log), I can see that scans did in fact still take place both in April and May. Running a Malwarebytes scan today gave me the two new PUM messages above which confirms the O
0 Comments
Leave a Reply. |