Following the blocking of VBA macros by default in Microsoft Office apps – read about the ups and downs of that story here – Microsoft has announced that all untrusted XLL add-ins will be blocked by default. Microsoft Excel now blocking untrusted XLL add-ins by default (bleepingcomputer.com) Blocking any avenue …
Do you know what an Excel XLL file is? The hackers do.
An Excel XLL file is a an add-in file that allows third parties to add extra functionality to Microsoft Excel – pretty useful. But of course the threat actors have extended that third party functionality to include malware. Now, just like with macros, Microsoft is blocking XLL files, originating from …
Continue reading “Do you know what an Excel XLL file is? The hackers do.”
Emotet is back
Just when it looked like the Emotet spamming/malware operation had stopped, there are widespread reports that it has restarted. Emotet botnet starts blasting malware again after 5 month break (bleepingcomputer.com) Infected Microsoft Office documents are Emotet’s favoured method of malware distribution. Once the email has slipped past your technical defences, …
Yesterday was Microsoft Patch Tuesday – get it done and check everyone else is getting it done as well…
It is that time again – among the fixes and patches from Microsoft, for July 2022 is one addressing CVE-2022-22047, Windows Elevation of Privilege Vulnerability – according to Microsoft a zero-day flaw that is being exploited by threat actors. For more details see Bleeping Computer’s excellent round-up of Patch Tuesday: …
Microsoft Patch Tuesday – Follina zero-day fixed
We will start with the good news – the zero-day threat Follina/msdt.exe has been patched. Let’s hope that it really is the fix we all need! Microsoft June 2022 Patch Tuesday fixes 1 zero-day, 55 flaws (bleepingcomputer.com) There are other fixes in the update, for Excel, Edge, Microsoft networking etc …
Continue reading “Microsoft Patch Tuesday – Follina zero-day fixed”
Anatomy of a RAT attack using a password protected Excel attachment
This is the classic way a hacker gets their payload into your business – send you a spreadsheet that needs your immediate attention. Include the password in the email, this makes it more likely for you to open the file – make it look official and your cyber security threat …
Continue reading “Anatomy of a RAT attack using a password protected Excel attachment”
Malware in the wild – in an Excel file sent out by email. Could you spot it?
Here is a classic phishing email attack – millions of potential emails could contain this, could you spot it? It also includes the dreaded “Enable Macro” request. Windows MetaStealer Malware – Sans Internet Storm Centre Windows MetaStealer Malware – SANS Internet Storm Center
