Browsing tag
With Microsoft taking steps to block Excel 4.0 (XLM or XL4) and Visual Basic for Applications (VBA) macros by default across Office apps, malicious actors are responding by refining their tactics, techniques, and procedures (TTPs). “The use of VBA and XL4 Macros decreased approximately 66% from October 2021 through June 2022,” Proofpoint said in a […]
A spear-phishing campaign targeting Jordan’s foreign ministry has been observed dropping a new stealthy backdoor dubbed Saitama. Researchers from Malwarebytes and Fortinet FortiGuard Labs attributed the campaign to an Iranian cyber espionage threat actor tracked under the moniker APT34, citing resemblances to past campaigns staged by the group. “Like many of these attacks, the email […]
According to information security audit specialists there is a Microsoft Excel feature called Power Query that could be used by threat actors to inject malware into remote systems. Experts at Mimecast Threat Center described how the vulnerability could be exploited through a proof of concept. Power Query enables Excel users to embed external data sources […]
Back at Ignite Conference last September, Microsoft announced a number of new features for its Office apps. One of the feature “Insert Data from Picture” teased at the event is finally rolling out to users. The new feature uses Microsoft image-recognition functionality to read a picture’s table data and turn it into an Excel Spreadsheet. The feature is […]