Yesterday Office 365 finally caught the piece of malware we've been using in our demos for the past five months. The bad news, however, is that it took us only five minutes to find a new piece of malware that goes undetected in O365.
Here's the story:
In our demos for the last five months, we used a piece of malware we received from Check Point that they caught with SandBlast at one of their firewalls. Doing a live customer demo always carries the risk of the unknown, and so we always began with a disclaimer that one day, we expected Microsoft and Google to detect and block this malware, and that today might be that day.
Well, yesterday was finally that day. Microsoft caught it. It still goes through Gmail, but one might assume that as the days of "zero-day" for this malware are over, Google will detect it shortly.
Now, we needed to find a new malicious file for our demo. It took us less than five minutes to find that new file. In case you're interested, here's a recording of how easy it was to find it: