It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-6)

Barracuda Assistant

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Managed Security Awareness Training (Managed Phishline)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Intronis Backup (ECHOplatform)

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Support Services

Barracuda XDR

Overview Documentation Materials

You are currently viewing the legacy Barracuda Campus portal

Due to ongoing compatibility requirements during the migration, some users are still being redirected here. All content is being transitioned to the new Campus Training Portal and Campus Documentation Portal, and this legacy portal will be fully retired once the migration is complete.

Please visit https://campus.barracuda.com for more information.

Simulating Cloud Security Threats - OneDrive Malware File Upload

Last updated on 2025-04-17 14:01:59

Rule:

Office 365 OneDrive Malware File Upload

Purpose

Identifies the occurrence of files uploaded to OneDrive being detected as Malware by the file scanning engine. Attackers can use File Sharing and Organization Repositories to spread laterally within the company and amplify their access. Users can inadvertently share these files without knowing their maliciousness, giving adversaries opportunity to gain initial access to other endpoints in the environment.

Objective

Ensure that malware file uploads to OneDrive are detected.

Test Workflow

How to test

Download a safe test malware file (e.g., EICAR test file used for AV testing).
Log in to OneDrive with the test user account.
Upload the EICAR test file to the OneDrive account.
Allow the OneDrive file-scanning engine time to scan the file.