December 11, 2023

Once Microsoft blocked the Office Macro for VBA and XLM or XL4, ransomware actors quickly switched tactics to adapt to the new changes.

Researchers says that Microsoft’s solution to bar hackers from hacking the XL4 and VBA macros had gone a long way declining to 66% in last 9 months.

The hackers who have previously exploited the office macros are now shifting tactics for a new attack route. They have been relying on controlling RAR and ISO files to infect systems with malware. Even the LNK files are reportedly involved in their latest campaign.

Advertisements

Threat actors have been devising their plans to pivot away from the usual campaign through VBA macros. They continue to experiment further to see what email-based malware campaign will effectively spread the virus and bypass the victim’s MOTW (Mark of the Web) protection.

Experts have discovered about a 175% increase in the incidents of exploitations related to LNK, RAR, and ISO usage.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

TheCyberThrone Security Week In Review – December 2nd & 10th, 2023

December 10, 2023

5Ghoul Vulnerabilities affects 5G devices

December 10, 2023

Microsoft EDGE Browser Critical Sandbox Escape Vulnerability – CVE-2023-35618

December 9, 2023

WordPress POP CMS Vulnerability

December 9, 2023

Apache Struts fixes Critical Vulnerability – CVE-2023-50164

December 8, 2023

Meta enables Messenger with E2EE by Default

December 8, 2023 2
%d