Microsoft’s decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded from the internet has led many threat actors to improvise their attack chains in recent months.
Now according to Cisco Talos, advanced persistent threat (APT) actors and commodity malware families alike are increasingly using Excel add-in (.XLL) files as an initial intrusion vector.

This entry was posted in Uncategorized and tagged .

Leave a Reply

Your email address will not be published. Required fields are marked *