Tag: excel

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector
Reputation, Resources, Risk, Security

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector

Since Microsoft decided to by default disable Visual Basic for Applications (VBA) macros for Office files received from the internet, threat actors have been forced to adapt their attack chains. The use of Excel add-in (.XLL) files as an initial attack vector by advanced persistent threat (APT) actors and commodity malware families is now on the rise, according to Cisco Talos. Weaponized Office files distributed through spear-phishing emails and other social engineering assaults continue to be one of the most popular entry points for criminal organizations seeking to run harmful code. Typically, these documents ask the victims to enable macros in order to view seemingly innocent material, only to trigger the malware's stealthy background execution read the complete article APT Ha...