Following the blocking of VBA macros by default in Microsoft Office apps – read about the ups and downs of that story here – Microsoft has announced that all untrusted XLL add-ins will be blocked by default. Microsoft Excel now blocking untrusted XLL add-ins by default (bleepingcomputer.com) Blocking any avenue …
Microsoft OneNote malware mitigation
I love OneNote – it is my go to, cross platform/cross device app (it even works on my watch!) so I have been watching the increasing threat actor activity using OneNote attachments with interest, as we all use OneNote her at Smart Thinking and Octagon and I have encouraged many …
QakNote – OneNote malware now has name
I use OneNote a lot – so I had to follow up on my previous post about OneNote attachments being used as an attack vector. OneNote has become the threat actors new choice of attachment probably because Microsoft closed the door on macro attacks. In the wild, Microsoft OneNote’ .one’ …
Another Password Vault Under Attack
Following LastPass security issues, BitWarden has seen some traction as an alternative – especially as you could run your own BitWarden server – I wrote about that here. Now BitWarden (among other password vault software) has come under threat via a malicious Google Ads phishing campaign, where the threat actors …
Do you know what an Excel XLL file is? The hackers do.
An Excel XLL file is a an add-in file that allows third parties to add extra functionality to Microsoft Excel – pretty useful. But of course the threat actors have extended that third party functionality to include malware. Now, just like with macros, Microsoft is blocking XLL files, originating from …
Continue reading “Do you know what an Excel XLL file is? The hackers do.”
